All eBay REST APIs use the OAuth 2.0 protocol for application and user authorization. OAuth is the industry standard for assuring your online transactions are secure and you must provide a valid access token for each request you make to the eBay REST interfaces.

OAuth access tokens verify to eBay that a request is coming from a valid application and that the application has the user's authorization to carry out the requests.

Once you obtain a valid access token, use it to authorize a request.

Important! You must have an active eBay Developer Program account to get the OAuth 2.0 client credentials you need to create access tokens.

Minting access tokens

The eBay token service generates, or mints, access tokens via two different grant flows:

  • Client credentials grant flow mints a new Application access token that you can use to access the resources owned by the application.
  • Authorization code grant flow mints a new User access token that you can use to access the resources owned by the user.

The eBay OAuth client libraries

eBay offers several client libraries that you can use to quickly implement the minting of OAuth tokens in your applications:

Implementing OAuth in your applications

The following topics describe how to implement the minting of OAuth tokens using each of the two grant flows: