Trying to connect to eBay API using Rest API resource

willtatts · May 15, 2024, 4:48pm

Hi,

I've been banging my head all afternoon on this so any help would be greatly appreciated.

I'm trying to connect to the eBay API where I want to use OAuth2.0 as the authentication method. I've entered the following:

Authorization URL: Agreement

Access token URL: https://api.ebay.com/identity/v1/oauth2/token

Along with my eBay client ID and client secret, as well as this under scopes: https://api.ebay.com/oauth/api_scope/sell.fulfillment

Whenever I click the Connect with OAuth button I get an error message of the following:

Retool

Encountered an error (500):

{
  "error": "{\"statusCode\":400,\"data\":\"{\\\"error\\\":\\\"invalid_request\\\",\\\"error_description\\\":\\\"request is missing a required parameter or malformed.\\\"}\"}",
  "request": {
    "url": "api.ebay.com/identity/v1/oauth2/token",
    "method": "POST",
    "headers": {
      "Content-Type": "application/x-www-form-urlencoded",
      "Host": "api.ebay.com",
      "User-Agent": "Node-oauth",
      "Content-Length": 330
    },
    "body": {
      "grant_type": "authorization_code",
      "redirect_uri": "https://oauth.retool.com/oauth/user/oauthcallback",
      "client_id": "I've taken this out but this has my client ID in it",
      "client_secret": "---sanitized---",
      "code": "---sanitized---"
    }
  }
}

Please try again.

trz-justin-dev · May 15, 2024, 8:35pm

@willtatts welcome to the forums!

is request.body.code double encoded perhaps?

willtatts · May 15, 2024, 8:55pm

Hi Justin,

How would I check if it's double encoded? And what would I do to fix this?

trz-justin-dev · May 15, 2024, 9:22pm

@willtatts hmm... it says "---sanitized---" and that wasn't you hiding it, right?

depending on your browser, maybe you can inspect the request in the developer menu?

or try to mock up a POST request in something external like Postman, grab the code string, and run it through a URL decoder to see if it still has percent encodings in it after decoding? just spitballing here, tbh I am bad/inexperienced with OAuth

willtatts · May 16, 2024, 12:06am

I figured it out.

You have to go to your Retool settings, then Beta and tick Include Authorization header for OAuth requests and then set up a Custom Auth in Retool and select OAuth 2.0 Generic and enter the standard details in for eBay as the first step then add two more steps to your Custom Auth in Retool, one for each defined variable, I named mine ACCESS_TOKEN with value = {{oauth1.accessToken}} and the other REFRESH_TOKEN and pass in {{oauth1.refreshToken}}.

trz-justin-dev · May 16, 2024, 12:14am

ahh I saw that one and wondered. nice find!! you can mark your reply as the solution so people can find it easily, if you want

willtatts · May 16, 2024, 10:15am

I've now got an issue with the custom auth refresh workflow, here's what I've got:

I've Base64 encoded my client_id:client_secret as per this article Using a refresh token to update a User access token | eBay Developers Program but I get 500 internal server error when I click Test refresh auth workflow in Retool, any ideas how I can resolve this?

willtatts · May 16, 2024, 11:13am

I also get this if I try and authorise, however on eBay the client account does have my app on the third-party app access screen?

trz-justin-dev · May 31, 2024, 6:11pm

@willtatts any luck? was on vacation for a minute sorry

Tess · May 31, 2024, 6:26pm

If possible, it might help to try hardcoding the refresh token to see if it's an issue with passing in the token or something else

Tess · June 13, 2024, 8:36pm

@willtatts Keep us posted if you're still working on this