Generating access token
Follow these steps to generate access token
Step 1 -> Create a custom app
Login to your Eshopbox workspace
Navigate to Apps > Create a custom app. Fill up the short form describing your app


You can select to install the app in the current workspace. For test mode, you can also create a new development workspace.
App will be created and pre-installed in the selected workspace. You can now copy the
client_id
,client_secret
andrefresh_token

Step 2 -> Turn an app into a sales channel app (optional)
This step is required you are integrating a sales channel with Eshopbox workspace.
In the Sales channel section, click Turn app into sales channel.

On the next step, please select the field your app will use to identify the product while managing the inventory, creating and managing orders. Your app will use the value stored in this field to identify products while creating orders.

Step 3 -> Refreshing access token
You need to exchange the Refresh Token you received in Step 1 for a Access Token, make a POST
request to the /oauth/token
endpoint in the Authentication API, using grant_type=refresh_token
In your request, the following parameters must be provided in the request body:
client_id
: The API key for the app, as defined in the step 1client_secret
: The API secret key for the app, as defined in the step 1grant_type
: The type of grant to execute. Userefresh_token
to refresh a token.refresh_token
: The Refresh Token to use.
The server responds with an access token:
The following values are returned:
access_token
: An API access token you will use for subsequent authenticated requests to the API. Your app should store the token somewhere to make authenticated requests.scope
: The list of access scopes that were granted to the application and are associated with the access token. For example,scope=openid,profile
.expires_in
: The number of seconds until the access token expires.token_type
: The access token type provides the client with the information required to successfully utilize the access token to make a protected resource request (along with type-specific attributes). Right now this will only beBearer
. You need to keep regenerating the access token before it expires as mentioned in theexpires_in
field. Learn more Now you can use theaccess_token
to make Authenticated API requests.
Last updated
Was this helpful?