The developer should register their new application through the developer console. An application ID and shared secret is generated automatically. New applications can be registered at https://api.channeladvisor.com/developerconsole.
A Developer Key and Password are required to log in.
A new developer key does not automatically come with access to any ChannelAdvisor accounts. To perform any operations described in this documentation, gain authorization to an account first.
There are three ways to gain authorization to ChannelAdvisor accounts using the REST API.
|OAuth 2.0 Authorization Flow||A web server application should always use the authorization code flow. This is the most popular and the most secure of all of the authorization flows. Once an authorization code is acquired it may be exchanged within 5 minutes for an access token by using the shared secret.||User-driven desktop or web-based applications that want to maintain the most secure integration with ChannelAdvisor.|
|Developer Console Token||The developer console can be used to manually create a refresh token, which an integration may use to generate access tokens as needed via the token endpoint.||Automated or back-end integrations that do not have ongoing user involvement.|
|SOAP API Credentials Flow||A developer key that has already been granted SOAP API access to a ChannelAdvisor account can request a REST API access token. This is a bridge for established ChannelAdvisor partners to carry their existing SOAP account access to the REST API without requiring intervention from the seller. A pre-authenticated access token can be acquired from the token endpoint.||An existing SOAP API integration where developer credentials and authorizations are already in use.|