eBay Trading APIVersion 1039

FetchToken

Use this call to retrieve an authentication token for a user. The call can be used to get a token only after the specified user has given consent for the token to be generated. Consent is given through the eBay sign-in page. After token retrieval, the token can be used to authenticate other calls made on behalf of the associated user.

Unlike other Trading API calls, FetchToken requests do not require a user token for authorization. Instead, the call makes use of your application keys (App ID, Dev ID, and Cert ID) for authorization. In addition, you must supply a SessionID value, which you obtain by making a call to GetSessionID.

Include the application keys in the SOAP header for SOAP requests, and in the HTTP header for XML requests. The keys use different names in the HTTP headers:

See Standard Data for All Calls for information about how to pass data in your SOAP and XML requests.

Usage Details

Before calling FetchToken, the user must have successfully signed in and accepted the consent form. Next, when calling FetchToken, you must specify the SessionID value that was returned from the GetSessionID request that the application sent when redirecting the user to the eBay sign-in and consent page.

Once completed, the application can make calls to FetchToken for any and all of its end-users. However, other applications created by the same developer still need to meet this requirement, even if the same end-users also use the application.

To call FetchToken, set Username in RequesterCredentials to the user of interest (or supply a SessionID). The attempt to retrieve the token must be made within 48 hours of the time the user signed in on the sign-in and consent page.

See Getting Tokens and Setting Up an Application to Receive Tokens for more details.

FetchToken returns the authentication token for the specified user into the eBayAuthToken field. It also returns the expiration date and time for the token in HardExpirationTime.

You can test FetchToken in the Sandbox environment. In order to test in the Sandbox, you'll need to create at least one test user. For information about creating and using test users, see Testing in the SandBox.

Related Information

See:
    Getting Tokens
    Getting Tokens for Applications with Multiple Users

See also the reference documentation for these calls:



Input

See also Samples.

The box below lists all fields that could be included in the call request. To learn more about an individual field or its type, click its name in the box (or scroll down to find it in the table below the box).

See also the Deprecated Objects link above. Fields presented in this color are deprecated, and fields presented in this color are (or soon will be) non-operational.

The XML prototype does not include requester credentials. This is a documentation limitation only (see Standard Requester Credentials for Making Calls).

<?xml version="1.0" encoding="utf-8"?>
<FetchTokenRequest xmlns="urn:ebay:apis:eBLBaseComponents">
  <!-- Call-specific Input Fields -->
  <SecretID> string </SecretID>
  <SessionID> string </SessionID>
  <!-- Standard Input Fields -->
  <ErrorLanguage> string </ErrorLanguage>
  <MessageID> string </MessageID>
  <Version> string </Version>
  <WarningLevel> WarningLevelCodeType </WarningLevel>
</FetchTokenRequest>
Argument Type Occurrence Meaning
Call-specific Input Fields [Jump to standard fields]
SecretID string Optional A value associated with the token retrieval request. SecretID is defined by the application, and is passed in the redirect URL to the eBay sign-in page. eBay recommends using a UUID for the secret ID value. You must also set Username (part of the RequesterCredentials) for the particular user of interest. SecretID and Username are not required if SessionID is present.
SessionID string Optional A value associated with the token retrieval request. eBay generates the session ID when the application makes a GetSessionID request. SessionID is passed in the redirect URL to the eBay sign-in page. The advantage of using SessionID is that it does not require UserID as part of the FetchToken request. SessionID is not required if SecretID is present.
Standard Input Fields  
ErrorLanguage string Optional Use ErrorLanguage to return error strings for the call in a different language from the language commonly associated with the site that the requesting user is registered with. Specify the standard RFC 3066 language identification tag (e.g., en_US).

ID Country
en_AU Australia
de_AT Austria
nl_BE Belgium (Dutch)
fr_BE Belgium (French)
en_CA Canada
fr_CA Canada (French)
zh_CN China
fr_FR France
de_DE Germany
zh_HK Hong Kong
en_IN India
en_IE Ireland
it_IT Italy
nl_NL Netherlands
en_SG Singapore
es_ES Spain
de_CH Switzerland
en_GB United Kingdom
en_US United States

See Tags for the Identification of Languages.

MessageID string Optional Most Trading API calls support a MessageID element in the request and a CorrelationID element in the response. If you pass in a MessageID in a request, the same value will be returned in the CorrelationID field in the response. Pairing these values can help you track and confirm that a response is returned for every request and to match specific responses to specific requests. If you do not pass a MessageID value in the request, CorrelationID is not returned.

Note: GetCategories is designed to retrieve very large sets of metadata that change once a day or less often. To improve performance, these calls return cached responses when you request all available data (with no filters). When this occurs, the MessageID and CorrelationID fields aren't applicable. However, if you specify an input filter to reduce the amount of data returned, the calls retrieve the latest data (not cached). When this occurs, MessageID and CorrelationID are applicable.
Version string Conditional The version number of the API code that you are programming against (e.g., 859). The version you specify for a call has these basic effects:
  • It indicates the version of the code lists and other data that eBay should use to process your request.
  • It indicates the schema version you are using.
You need to use a version that is greater than or equal to the lowest supported version.
For the SOAP API: If you are using the SOAP API, this field is required. Specify the version of the WSDL your application is using.

For the XML API: If you are using the XML API, this field has no effect. Instead, specify the version in the X-EBAY-API-COMPATIBILITY-LEVEL HTTP header. (If you specify Version in the body of an XML API request and it is different from the value in the HTTP header, eBay returns an informational warning that the value in the HTTP header was used instead.)

See:
    Routing the Request (Gateway URLs)
    eBay Schema Versioning Strategy
    Lowest Supported Version

WarningLevel WarningLevelCodeType Optional Controls whether or not to return warnings when the application passes unrecognized or deprecated elements in a request.

An unrecognized element is one that is not defined in any supported version of the schema. Schema element names are case-sensitive, so using WarningLevel can also help you remove any potential hidden bugs within your application due to incorrect case or spelling in field names before you put your application into the Production environment.

WarningLevel only validates elements; it doesn't validate XML attributes. It also doesn't control warnings related to user-entered strings or numbers, or warnings for logical errors.

We recommend that you only use this during development and debugging. Do not use this in requests performed in the Production environment.

Applicable values:

High
(in) The WarningLevel value is set to High if the user wishes to receive warnings when the application passes unrecognized or deprecated elements in an API call request. Setting the WarningLevel value to High is not recommended in a production environment. Instead, it should only be used during the development/debugging stage.
Low
(in) The WarningLevel value is set to Low if the user does not wish to receive warnings when the application passes unrecognized or deprecated elements in an API call request. This is the default value if WarningLevel is not specified in the call request.

See Warning Level.



Output

See also Samples.

The box below lists all fields that might be returned in the response. To learn more about an individual field or its type, click its name in the box (or scroll down to find it in the table below the box).

See also the Deprecated Objects link above. Fields presented in this color are deprecated, and fields presented in this color are not returned (or soon will not be returned) or are not operational (or soon will be non-operational).

<?xml version="1.0" encoding="utf-8"?>
<FetchTokenResponse xmlns="urn:ebay:apis:eBLBaseComponents">
  <!-- Call-specific Output Fields -->
  <eBayAuthToken> string </eBayAuthToken>
  <HardExpirationTime> dateTime </HardExpirationTime>
  <RESTToken> string </RESTToken>
  <!-- Standard Output Fields -->
  <Ack> AckCodeType </Ack>
  <Build> string </Build>
  <CorrelationID> string </CorrelationID>
  <Errors> ErrorType
    <ErrorClassification> ErrorClassificationCodeType </ErrorClassification>
    <ErrorCode> token </ErrorCode>
    <ErrorParameters ParamID="string"> ErrorParameterType
      <Value> string </Value>
    </ErrorParameters>
    <!-- ... more ErrorParameters nodes allowed here ... -->
    <LongMessage> string </LongMessage>
    <SeverityCode> SeverityCodeType </SeverityCode>
    <ShortMessage> string </ShortMessage>
  </Errors>
  <!-- ... more Errors nodes allowed here ... -->
  <Timestamp> dateTime </Timestamp>
  <Version> string </Version>
</FetchTokenResponse>
Return Value Type Occurrence Meaning
Call-specific Output Fields [Jump to standard fields]
eBayAuthToken string Always The authentication token for the user.

See Getting Tokens.

HardExpirationTime dateTime Always Date and time at which the token returned in eBayAuthToken expires and can no longer be used to authenticate the user for that application.
RESTToken string Conditionally The REST authentication token for the user.
Standard Output Fields  
Ack AckCodeType Always A token representing the application-level acknowledgement code that indicates the response status (e.g., success). The AckCodeType list specifies the possible values for the Ack field.

Applicable values:

CustomCode
(out) Reserved for internal or future use.
Failure
(out) This value indicates that the call request processing failed.
Success
(out) This value indicates that the call request was processed successfully without any issues.
Warning
(out) This value indicates that the call request was successful, but processing was not without any issues. These issues can be checked in the Errors container, that will also be returned when one or more known issues occur with the call request.

(Not all values in AckCodeType apply to this field.)

Code so that your app gracefully handles any future changes to this list.
Build string Always This refers to the specific software build that eBay used when processing the request and generating the response. This includes the version number plus additional information. eBay Developer Support may request the build information when helping you resolve technical issues.
CorrelationID string Conditionally Most Trading API calls support a MessageID element in the request and a CorrelationID element in the response. If you pass in a MessageID in a request, the same value will be returned in the CorrelationID field in the response. Pairing these values can help you track and confirm that a response is returned for every request and to match specific responses to specific requests. If you do not pass a MessageID value in the request, CorrelationID is not returned.

Note: GetCategories is designed to retrieve very large sets of metadata that change once a day or less often. To improve performance, these calls return cached responses when you request all available data (with no filters). When this occurs, the MessageID and CorrelationID fields aren't applicable. However, if you specify an input filter to reduce the amount of data returned, the calls retrieve the latest data (not cached). When this occurs, MessageID and CorrelationID are applicable.
Errors ErrorType Conditionally,
repeatable: [0..*]
A list of application-level errors (if any) that occurred when eBay processed the request.

See Error Handling.

Errors.ErrorClassification ErrorClassificationCodeType Conditionally API errors are divided between two classes: system errors and request errors.

Applicable values:

CustomCode
(out) Reserved for internal or future use.
RequestError
(out) An error has occurred either as a result of a problem in the sending application or because the application's end-user has attempted to submit invalid data (or missing data). In these cases, do not retry the request. The problem must be corrected before the request can be made again. If the problem is due to something in the application (such as a missing required field), the application must be changed. If the problem is a result of end-user data, the application must alert the end-user to the problem and provide the means for the end-user to correct the data. Once the problem in the application or data is resolved, resend the request to eBay with the corrected data.
SystemError
(out) Indicates that an error has occurred on the eBay system side, such as a database or server down. An application can retry the request as-is a reasonable number of times (eBay recommends twice). If the error persists, contact Developer Technical Support. Once the problem has been resolved, the request may be resent in its original form.

Code so that your app gracefully handles any future changes to this list.
Errors.ErrorCode token Conditionally A unique code that identifies the particular error condition that occurred. Your application can use error codes as identifiers in your customized error-handling algorithms. See the "Errors by Number" document.
Errors.ErrorParameters ErrorParameterType Conditionally,
repeatable: [0..*]
This optional element carries a list of context-specific error variables that indicate details about the error condition. These are useful when multiple instances of ErrorType are returned.
Errors.ErrorParameters
  [ attribute ParamID ]
string Conditionally This optional element carries a list of context-specific error variables that indicate details about the error condition. These are useful when multiple instances of ErrorType are returned.
Errors.ErrorParameters.Value string Conditionally This is the value of the request parameter noted in the ParamID attribute. So, if the ParamID value was ItemID, the value in this field would be the actual value of that ItemID.
Errors.LongMessage string Conditionally A more detailed description of the condition that raised the error.
Errors.SeverityCode SeverityCodeType Conditionally Indicates whether the error is a severe error (causing the request to fail) or an informational error (a warning) that should be communicated to the user.

Applicable values:

CustomCode
(out) Reserved for internal or future use.
Error
(out) The request that triggered the error was not processed successfully. When a serious application-level error occurs, the error is returned instead of the business data.

If the source of the problem is within the application (such as a missing required element), change the application before you retry the request.
  • If the problem is due to end-user input data, please alert the end-user to the problem and provide the means for them to correct the data. Once the problem in the application or data is resolved, you can attempt to re-send the request to eBay.
  • If the source of the problem is on eBay's side, An application can retry the request as-is a reasonable number of times (eBay recommends twice). If the error persists, contact Developer Technical Support. Once the problem has been resolved, the request may be resent in its original form.


See the Compatible Application Check section of the eBay Features Guide for more information.
Warning
(out) The request was processed successfully, but something occurred that may affect your application or the user. For example, eBay may have changed a value the user sent in. In this case, eBay returns a normal, successful response and also returns the warning.

When a warning occurs, the error is returned in addition to the business data. In this case, you do not need to retry the request (as the original request was successful). However, depending on the cause or nature of the warning, you might need to contact either the end user or eBay to effect a long term solution to the problem to prevent it from reoccurring in the future.

Code so that your app gracefully handles any future changes to this list.
Errors.ShortMessage string Conditionally A brief description of the condition that raised the error.
Timestamp dateTime Always This value represents the date and time when eBay processed the request. The time zone of this value is GMT and the format is the ISO 8601 date and time format (YYYY-MM-DDTHH:MM:SS.SSSZ). See the Time Values section in the eBay Features Guide for information about this time format and converting to and from the GMT time zone.

Note: GetCategories and other Trading API calls are designed to retrieve very large sets of metadata that change once a day or less often. To improve performance, these calls return cached responses when you request all available data (with no filters). When this occurs, this time value reflects the time the cached response was created. Thus, this value is not necessarily when the request was processed. However, if you specify an input filter to reduce the amount of data returned, the calls retrieve the latest data (not cached). When this occurs, this time value does reflect when the request was processed.
Version string Always The version of the response payload schema. Indicates the version of the schema that eBay used to process the request. See the Standard Data for All Calls section in the eBay Features Guide for information on using the response version when troubleshooting CustomCode values that appear in the response.



Detail Controls


DetailLevel

This call does not support varying Detail Levels. You do not need to pass DetailLevel in the request.



Samples

New to making API calls? Please see Making a Call.

Note: Some item IDs, user IDs, or other data in these samples might no longer be active on eBay. If necessary, you can substitute current eBay data in your requests.

Sample: Basic Call

Retrieves an authentication token for the specified user.

Description

The following sample submits the SessionID for the user. The request also contains application keys (X-EBAY-API-DEV-NAME, X-EBAY-API-APP-NAME, and X-EBAY-API-CERT-NAME). For XML-formatted requests, the application keys are provided as HTTP header values. For SOAP requests, these values are provided in the SOAP header. The response contains the user's new eBayAuthToken, along with its date of expiration.

Input

XML format.

<?xml version="1.0" encoding="utf-8"?>
<FetchTokenRequest xmlns="urn:ebay:apis:eBLBaseComponents">
  <SessionID>YourSessionIDHere</SessionID>
</FetchTokenRequest>

Output

XML format.
<?xml version="1.0" encoding="utf-8"?>
<FetchTokenResponse xmlns="urn:ebay:apis:eBLBaseComponents">
  <Timestamp>2015-11-10T20:42:58.943Z</Timestamp>
  <Ack>Success</Ack>
  <Version>967</Version>
  <Build>E967_CORE_BUNDLED_12301500_R1</Build>
  <eBayAuthToken>YourAuthToken</eBayAuthToken>
  <HardExpirationTime>2016-05-03T20:36:32.000Z</HardExpirationTime>
</FetchTokenResponse> 



Change History

Change Date Description
557
2008-03-20
  • SessionID (modified): You can use the FetchToken call to retrieve a session ID for a user, for use in the user consent flow.
529
2007-09-05
  • IncludeRESTToken, RESTToken (added): You can use the Fetchtoken call to retrieve a REST token for a user.
475
2006-8-23
  • Username (added): Added SOAP sample.