All eBay RESTful APIs use the OAuth 2.0 protocol for authorization. OAuth is the industry standard for assuring your online transactions are secure, and you must provide a valid access token for each request you make to the eBay RESTful interfaces.
OAuth access tokens verify to eBay that a request is coming from a valid client and that the application has the user's authorization to carry out the requests. (Learn more about the OAuth Access Tokens.) eBay provides OAuth client libraries. The C# version can be downloaded from GitHub here, and the Java version can be downloaded from this GitHub location.
eBay OAuth Client Library in C#
The eBay OAuth Client Library supports different grant flows:
Client credentials grant allows an application to get an access token for resources owned by the client. This grant type flow is for a client app and the authorization server.
Authorization code grant is used by the application to get an access token after a user authorizes the application. The application acts on behalf of a registered end-user. The client sends a user to eBay Sign-In flow to authenticate and grant access to the application.
Refresh token grant is used by clients to exchange refresh token for an access token when the access token has expired.
Learn more about the Access Token Grant. The library caches the client credential grant type access token and refreshes the token if it’s already expired.
eBay OAuth Client is a class library that targets the .NET Standard 2.0. This library can be used by any .NET implementation that supports 2.0 version of the .NET Standard.
OpenAPI Specification for eBay RESTful APIs and OAuth Client Library
For all of our RESTful APIs, we exposed contracts based on the OpenAPI specification. There are plenty of open source tools (Swagger Codegen is one of them), to generate client SDK for the API from OpenAPI specification.
Add the eBay.OAuth.Client NuGet Package
eBay OAuth C# Client Library is an open source project and use of this source code is governed by an Apache-2.0 license.
If you're looking for the latest stable version (1.0.0), you can grab it directly from NuGet.org (.NET Standard 2.0).
https://www.nuget.org/packages/eBay.OAuth.Client
NuGet Package Manager UI
Prerequisites:
-
Visual Studio 2017 with the Universal Windows Platform development workload, or
-
Visual Studio 2015 Update 3 with Tools for Universal Windows Apps.
You can add eBay.OAuth.Client version 1.0.0 as a NuGet Package in your application:
-
In Solution Explorer, right-click NuGet in .csproj and choose Add Package.
-
Search for eBay.OAuth.Client, select that package in the list and click on Add Package
-
Accept the License prompt
Package Manager Console
-
Use the following command in your project directory, to install the eBay.OAuth.Client package:
Install-Package eBay.OAuth.Client -Version 1.0.0
-
After the command completes, open the .csproj file to see the added reference:
<ItemGroup> <PackageReference Include="eBay.OAuth.Client" Version="1.0.0" /> </ItemGroup>
.NET CLI
-
Use the following command in your project directory, to install the eBay.OAuth.Client package:
dotnet add package eBay.OAuth.Client --version 1.0.0 -
After the command completes, open the .csproj file to see the added reference:
<ItemGroup> <PackageReference Include="eBay.OAuth.Client" Version="1.0.0" /> </ItemGroup>
Paket CLI
-
Use the following command in your project directory, to install the eBay.OAuth.Client package:
paket add eBay.OAuth.Client --version 1.0.0 -
After the command completes, open the .csproj file to see the added reference:
<ItemGroup> <PackageReference Include="eBay.OAuth.Client" Version="1.0.0" /> </ItemGroup>
Build eBay.OAuth.Client DLL from Source
-
Clone the project from https://github.com/eBay/ebay-oauth-csharp-client:
paket add eBay.OAuth.Client --version 1.0.0 -
After cloning the project, you can build the package from the source by executing the following script from the project directory:
./build.sh -
ebay-oauth-csharp-client.dll will be created at ebay-oauth-csharp-client/bin/Debug/netstandard2.0/
Use the eBay.OAuth.Client in the .NET App
-
Create a config YAML file in your application. The config file should contain your eBay applications keys: App Id, Cert Id & Dev Id. Learn more about creating application keys.
name: ebay-config api.sandbox.ebay.com: appid: <appid-from-developer-portal> certid: <certid-from-developer-portal> devid: <devid-from-developer-portal> redirecturi: <redirect_uri-from-developer-portal> Api.ebay.com: appid: <appid-from-developer-portal> certid: <certid-from-developer-portal> devid: <devid-from-developer-portal> redirecturi: <redirect_uri-from-developer-portal>A sample config file is available at https://github.com/eBay/ebay-oauth-csharp-client/blob/master/Tests/ebay-config-sample.yaml
-
Once the config file is ready, use the following code to load it:
CredentialUtil.Load(“YAML config file path”); or CredentialUtil.Load(System.IO.StreamReader);It is recommended to load the credentials during startup time (initialization) to prevent runtime delays. Sample:
CredentialUtil.Load(“ebay-config-sample.yaml”);
-
Once the credentials are loaded, call any operation on OAuth2Api.
-
GetApplicationToken: Use this operation when the application requests an access token to access their own resources, not on behalf of a user.
OAuth2Api.GetApplicationToken(OAuthEnvironment environment, IList scopes)
Learn more about Client Credentials grant flow. Sample:IList<String> scopes = new List<String>() { "https://api.ebay.com/oauth/api_scope/buy.marketing", "https://api.ebay.com/oauth/api_scope" }; OAuthResponse oAuthResponse = oAuth2Api.GetApplicationToken(OAuthEnvironment.PRODUCTION, scopes); -
GenerateUserAuthorizationUrl: Use this operation to get the Authorization URL to redirect the user to. Once the user authenticates and approves the consent, the callback needs to be captured by the redirect URL setup by the application.
OAuth2Api.GenerateUserAuthorizationUrl(OAuthEnvironment environment, IList<String> scopes, String state)Sample:IList<String> scopes = new List<String>() { "https://api.ebay.com/oauth/api_scope/commerce.catalog.readonly", "https://api.ebay.com/oauth/api_scope/buy.shopping.cart" }; String state = "current-page"; String authorizationUrl =oAuth2Api.GenerateUserAuthorizationUrl(OAuthEnvironment.PRODUCTION, scopes, state); -
ExchangeCodeForAccessToken: Use this operation when an application exchanges an authorization code for an access token. After the user authenticates, approves the consent and returns to the application via the redirectURL, the application will get the authorization code from the URL and use it to request an access token.
OAuth2Api.ExchangeCodeForAccessToken(OAuthEnvironment environment, String code)Learn more about Authorization Code grant flow. Sample:IList<String> scopes = new List<String>() { "https://api.ebay.com/oauth/api_scope/commerce.catalog.readonly", "https://api.ebay.com/oauth/api_scope/buy.shopping.cart" }; String code = "v^1.1************************Yw"; OAuthResponse oAuthResponse = oAuth2Api.ExchangeCodeForAccessToken(OAuthEnvironment.PRODUCTION, code); -
GetAccessToken: Usually access tokens are short lived. Use this operation to update the access token.
OAuth2Api.GetAccessToken(OAuthEnvironment environment, String refreshToken, IList<String> scopes)
Learn more about Using a refresh token to update the access token.. Sample:IList<String> scopes = new List<String>() { "https://api.ebay.com/oauth/api_scope/commerce.catalog.readonly", "https://api.ebay.com/oauth/api_scope/buy.shopping.cart" }; String refreshToken = "v^1.1******************2MA=="; OAuthResponse oAuthResponse = oAuth2Api.GetAccessToken(environment, refreshToken, scopes);
-
GetApplicationToken: Use this operation when the application requests an access token to access their own resources, not on behalf of a user.
More eBay OAuth Client Libraries
- eBay OAuth Client Library in Java: https://github.com/eBay/ebay-oauth-java-client
If this article is helpful and the code is useful, please feel free to visit the C# or Java library and add a GitHub star or become a contributor!