The ChannelAdvisor API uses both authentication and authorization to protect our clients' data. This security model includes DeveloperKey, password, AccountID and granted access (authorization) to an account's data. This page will you help you understand how to work with these concepts.
|AccountID||An AccountID has a one-to-one relation with a ChannelAdvisor Complete posting account, which has a ProfileID. This AccountID does not have the same value as a ProfileID. It is a GUID that will look something like this: 11111111-2222-3333-4444-555555555555, while a ProfileID is an eight-digit integer. If your ChannelAdvisor client account has five posting accounts, you will need to work with five separate AccountIDs. Without being granted authorization to an account, nobody can access that account's data simply by knowing the AccountID.|
|DeveloperKey|| A DeveloperKey is a unique value that identifies the creator of an application. It is also in the format of a GUID. If you are developing an application in-house, you will need to Request API Developer Credentials.
An email containing an activation URL will be sent to the email address you supply during sign-up. Please add email@example.com to your safe list so the activation email is not blocked by a spam filter. After activation, your DeveloperKey may be granted access to one or more accounts. See Granting Access below to find out how this is done.
|Password||Each DeveloperKey has a password. This password is specified when you request your DeveloperKey. It is not the same password that a client would use to log into the ChannelAdvisor Complete web site.|
|Granting Access To an Account|| Granting a DeveloperKey access to a CA account can be accomplished using the following steps.