Understanding Security
Overview
The ChannelAdvisor API uses both authentication and authorization to protect our clients' data. This security model includes DeveloperKey, password, AccountID and granted access (authorization) to an account's data. This page will you help you understand how to work with these concepts.
Key Concepts
Concept |
Description |
---|---|
AccountID |
AccountID has a one-to-one relation with a ChannelAdvisor account, which also has a ProfileID. AccountID does not have the same value as a corresponding ProfileID. It is a GUID of the form 11111111-2222-3333-4444-555555555555, while ProfileID is an eight-digit integer. If your ChannelAdvisor client has multiple accounts, you will need to use a separate AccountID for each account. Simply knowing an AccountID is not enough to access an account's data. The developer key must be authorized to gain access. |
Developer Key |
A developer key is a unique value that identifies the creator of an application. It is a GUID similar to AccountID. To get started developing an application in-house, you will need to Request API Developer Credentialsto acquire a developer key. |
Password |
Each developer key has a password that is specified when the developer key is requested. The password is separate from any user credentials that may be used to log into the ChannelAdvisor UI. |
Granting Access To An Account |
Granting a developer key access to a ChannelAdvisor account can be accomplished using the following steps:
|