Callbacks API: Authorization

January 01, 0001

Authorization is based on apiKey. It must be provided as a value to the corresponding parameter of "auth" RPC call.

To successfully authorize with the Callbacks API, your client's IP address must be included to a white list on the Seller Center side.

For Seller Center admins

Setting the apiKey and whitelist of IP addresses can be done from Seller Center -> Maintenance -> Configuration Parameters -> Systems Credentials -> Edit the "Shop - Callback Server" entry

You should treat auth RPC call as json-rpc notification and omit id for it.

[
  {
   "jsonrpc": "2.0", 
   "method": "auth", 
   "params": {"apiKey":"12345"}
  },
  {
  	"jsonrpc": "2.0", 
	  "method":"Callback.process",
  	"params": {
    	"result": [
        // Response
    	]
	  },
  	"id": "122" //This is the request unique id sent earlier
	}
]

Authorization should be always first RPC call in a batch.

All calls before authorization will have "Could not authorize request" error.

{
	"jsonrpc": "2.0", 
  "error": {
    "code": -32001, 
    "message": "Could not authorize request",
    "data": null
  }, 
  "id": "122"
}

Callbacks API: Authorization

For Seller Center admins

Authorization should be always first RPC call in a batch.

Table of Contents

Pages in Categories

Tags