Trying to connect to eBay API using Rest API resource


I've been banging my head all afternoon on this so any help would be greatly appreciated.

I'm trying to connect to the eBay API where I want to use OAuth2.0 as the authentication method. I've entered the following:

Authorization URL: Agreement

Access token URL:

Along with my eBay client ID and client secret, as well as this under scopes:

Whenever I click the Connect with OAuth button I get an error message of the following:


Encountered an error (500):

  "error": "{\"statusCode\":400,\"data\":\"{\\\"error\\\":\\\"invalid_request\\\",\\\"error_description\\\":\\\"request is missing a required parameter or malformed.\\\"}\"}",
  "request": {
    "url": "",
    "method": "POST",
    "headers": {
      "Content-Type": "application/x-www-form-urlencoded",
      "Host": "",
      "User-Agent": "Node-oauth",
      "Content-Length": 330
    "body": {
      "grant_type": "authorization_code",
      "redirect_uri": "",
      "client_id": "I've taken this out but this has my client ID in it",
      "client_secret": "---sanitized---",
      "code": "---sanitized---"

Please try again.

@willtatts welcome to the forums!

is request.body.code double encoded perhaps?

Hi Justin,

How would I check if it's double encoded? And what would I do to fix this?

@willtatts hmm... it says "---sanitized---" and that wasn't you hiding it, right?

depending on your browser, maybe you can inspect the request in the developer menu?

or try to mock up a POST request in something external like Postman, grab the code string, and run it through a URL decoder to see if it still has percent encodings in it after decoding? just spitballing here, tbh I am bad/inexperienced with OAuth

I figured it out.

You have to go to your Retool settings, then Beta and tick Include Authorization header for OAuth requests and then set up a Custom Auth in Retool and select OAuth 2.0 Generic and enter the standard details in for eBay as the first step then add two more steps to your Custom Auth in Retool, one for each defined variable, I named mine ACCESS_TOKEN with value = {{oauth1.accessToken}} and the other REFRESH_TOKEN and pass in {{oauth1.refreshToken}}.

1 Like

ahh I saw that one and wondered. nice find!! you can mark your reply as the solution so people can find it easily, if you want

1 Like

I've now got an issue with the custom auth refresh workflow, here's what I've got:

I've Base64 encoded my client_id:client_secret as per this article Using a refresh token to update a User access token | eBay Developers Program but I get 500 internal server error when I click Test refresh auth workflow in Retool, any ideas how I can resolve this?

I also get this if I try and authorise, however on eBay the client account does have my app on the third-party app access screen?