Overview
The ChannelAdvisor APIs use both Authentication and Authorization to protect our clients' data. This includes DeveloperKey, password, AccountKey and granted access (authorization) to an accounts data. This page will you help you understand how to work with these keys, as well as help you understand when you need to request a developerKey, and when to request an AccountKey.
Key Concepts
| Concept | Description |
|---|---|
| AccountKey | An AccountKey has a one-to-one relation with a Merchant posting account (ProfileID). This key does not have the same value as a ProfileID. It is a GUID that will look something like this: 1111-222-4444-333. If your ChannelAdvisor client account has 5 accounts, you will also have 5 AccountKeys. Without submitting a request to grant someone access to your account, no one can access your data simply by knowing your AccountKey. |
| DeveloperKey | A Developer Key is a unique value that identifies the creator of an application. It is also in the format of a GUID. If you are developing an application in-house, you will need to request a DeveloperKey here If you are requesting a DeveloperKey to create an application for a ChannelAdvisor client, your client will need to grant you access (see Granting access below) |
| password | Each DeveloperKey has a password. This is a password generated by the API administation system which will be assigned to the DeveloperKey. It is not the same password that a client would use to log into the ChannelAdvisor Marketplaces Premium web site. |
| Granting access to your account | Granting access to a CA account can be done only by a logged in CA user here: http://ssc.channeladvisor.com/support/grantAPI.php 1. A Client wants to use an existing integrated application such as TradeBox. Submitting a request through the above link will allow users to enter Tradebox as the integration partner. Based on this request, we will grant the TradeBox DeveloperKey access to the account requested. 2. If a client adds a new posting account to ChannelAdvisor, this new account will need to be granted the same access as their existing accounts. In other words access is not inherited from similar accounts. |