This doc page has moved! You should be automatically redirected to the new location. If you are not redirected automatically, follow this link to the new page.

You are here: Using eBay RESTful APIs > OAuth access tokens

OAuth access tokens

All eBay REST interfaces use OAuth 2.0 access tokens for application authentication and user authorization. OAuth is the industry standard for assuring your online transactions are secure, and you must provide a valid access token for each request you make to the eBay REST interfaces.

The process of getting and using OAuth tokens might at first seem complicated. However, the steps are straight-forward once you understand the principles:

  1. Gather the values you need to get an access token from eBay.
  2. Send a token request to eBay to ask for a new access token.
  3. Use the token to authenticate your REST requests.
  4. Update the access token after it expires.

Access token types

There are two types of access tokens, User tokens and Application tokens.

For the most part, Application tokens are general-use tokens that can be used for actions that don't require a high level of authorization (such as getting various information from the system).

User tokens, on the other hand, provide access to more powerful interfaces because they contain a grant from the user that authorizes access to their user data. Because of the sensitivity of the information that User tokens allow you to access (and the transactions they enable), the process and requirements needed to get a User token are more involved than the process for getting an Application token. Specifically, the user must grant your application the authorization needed to call the more restrictive interfaces.

Tip: You must have an active eBay Developer Program account to get the credentials needed to create OAuth tokens. For details, see: Creating an eBay Developers Program account.

Getting access tokens for your app

If you know what you're doing, follow these links to go straight to the procedures for generating tokens:

If you don't know the type of token you need (or if you just want to know more about tokens), read the rest of this topic by clicking the drop-down link below.