Connecting ChannelAdvisor and Odoo Part 2 - Authorization Methods

To connect Odoo and ChannelAdvisor, your first step is to authenticate so that you can query the API for orders, refunds, distribution centers and many other types of data you may need. Your first step toward having a working API connection will be to create a developer console account. You will need to create an integration and grant it access to the ChannelAdvisor accounts that are to be queried for orders and inventory counts, etc. Authorization for the CA API is straight-forward and there are three options. In a subsequent article, will go through authorization by method 2 in detail and show you how to authorize for the ChannelAdvisor API using a refresh token and providing that to the endpoint to receive access tokens as requests are made. This second option is to obtain a Developer Console Token from the account to which you have access. This method is best for Odoo-ChannelAdvisor integrations that do not involve user interaction with the API such as a connection to Odoo that automatically imports sale orders and keeps stock counts up to date.

OAuth 2.0 - Most Secure

Of all 3 authorization flows, OAuth 2.0 offers the most security and is required if connecting from a web server application. You will pass a shared secret to obtain an authorization code for acquiring a token and it is good for five minutes. Once your authorization code expires, your subsequent logons will follow the same procedure. This method is best for integrations that are web server or desktop application based and must be very securely integrated with ChannelAdvisor.

Developer Console Token - Simplest, Backend

This is by far the simplest method for authorization but is only good for automated or back-end applications because it doesn't provide the security necessary for and do not require frequent end-user authorization/authentication. One must sign in to the developer console and manually generate a refresh token that will be used to obtain access tokens from the endpoint. This flow is for integrations where there is no user controlling the connection or querying ChannelAdvisor. We have an article that shows in detail how to generate the required keys and tokens for authorization.

SOAP API Credentials Flow - For Integrations with Existing SOAP Applications

What is required? One must obtain a developer key that is granted SOAP API access to a ChannelAdvisor account. The application can request a REST access token for connecting to and querying the ChannelAdvisor API. From the token endpoint then, a pre-authenticated access token is acquired. This method provides a bridge for existing SOAP API integrations access to the REST API. This connection removes the necessity for any intervention from the seller and allows existing SOAP API connections to access the REST API. This type of authorization is great for an existing or legacy SOAP API integration

Business Efficiency Discovery Session -
No Cost to You!
*denotes a required field