Web Connection User Discussions
eBay oAuth security???
Gravatar is a globally recognized avatar based on your email address. eBay oAuth security???
  Michael Hogan (Ideate Hosting)
  All
  Apr 23, 2021 @ 09:15am

eBay is switching to oAuth only - so we've got to communicate with eBay's oAuth to get a user token and grab the refresh token so we can use the refresh token for subsequent interactions:

About refresh tokens For security, a User access token is short-lived. However, a Refresh token is long-lived and you can use it to renew a User access token after the token expires. The benefit is that you don't need to get the account-owner's consent each time you need to renew their User access token.

Does anyone have experience in obtaining these tokens in WebConnect? We do use the Chilkat components (excellent suite of tools) to get us part of the way... but we are having trouble getting the user/refresh tokens in the first place.

Gravatar is a globally recognized avatar based on your email address. re: eBay oAuth security???
  Rick Strahl
  Michael Hogan (Ideate Hosting)
  Apr 24, 2021 @ 12:24am

Doesn't oAuth normally require you to have a redirect workflow with a callback? I'm not sure how Chilkat fits into that - I think most oAuth implementation involve a bunch of back and forth between your site and the host and you peel the token out of the request data or cookie that gets set.

Every oAuth implementation is different though...

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: eBay oAuth security???
  Michael Hogan (Ideate Hosting)
  Rick Strahl
  Apr 24, 2021 @ 02:58am

Yes - that's pretty much what we're learning. Several back-and-forth transactions to renew tokens and such, after an initial manual login to get things going (as I understand it so far).

Chilkat seems to spawn a web service in the background to grab the transaction - which is really pretty cool - but I think I'd rather just add a couple of methods to our existing webconnect website to handle receiving the tokens.

© 1996-2021