Open-API
  1. OAuth
Open-API
  • eBay fulfillment openAPI
  • OAuth
    • URL(getAuthorizationCode)
      GET
    • AccessToken
      POST
    • Refresh AccessToken
      POST
  • SKU
    • SKUCreation v3
      POST
    • SKUQuery v3
      POST
    • SKU Label
      POST
    • SKUSetupEFService
      POST
    • QuerySKUEFService
      POST
  • Stock
    • GetStockMovement
      POST
    • StockSnapshot v2
      POST
  • Inbound
    • PlaceInboundOrder
      POST
    • Inbound Order List Query
      POST
    • Inbound Order Detail Query
      POST
    • Inbound Label Query
      POST
    • Upload TrackingNo
      POST
    • Upload Clearance Doc
      POST
  • Outbound
    • Place Outbound Order
      POST
    • Outbound Order Query v2
      POST
    • Outbound Order Cancellation
      POST
  • Warehouse
    • GetServiceList
      GET
  • Pricing
    • Cost Estimation Request
      POST
    • Cost Estimation Response
      POST
  1. OAuth

AccessToken

Sandbox
https://openapi-stage-hk.orangeconnex.com
Sandbox
https://openapi-stage-hk.orangeconnex.com
POST
/oauth/token
OAuth
3PP exchanges the authorization code for an access token and refresh token.
After 3PP gets authorization code, they need to exchange the authorization token for an access token and refresh token.

Request

Query Params
client_id
string 
required
The ID of 3PP offered by OC offline
Example:
bd1d1971-d0db-11ea-b4a1-00505694c27b
grant_type
string 
required
Fixed value: "authorization_code"
Example:
authorization_code
redirect_uri
string 
required
To prevent attack, OC validates value of this field against the redirect URL that was used when requesting the authorization code. The two redirect URLs should be the same.
Example:
https://www.baidu.com
code
string 
required
Value of authorization code
Example:
gTJjJKyOR0F%252FYo5%252BQ0Xz0rG0%252BVPpSFWX67aQAH%252FhqwYIuvb30f15LEFthn%252BMPamdgeQ0u%252BO5iY3dLC5jE%252BtnYh4Bp3KpwMEoz1Y9PYmcuzNqx2T3OteAACZAByPM5f7fkaaa8HggrVEPW70wqbRLVHufOUCXUtpIc4RFh%252B6tpizJ3hKhD7J9MwdIK38rada7gnbqyViZxnWnG%252F8OcSxY9XGe8CKeUdgQIgwKWVBHGrD7dZOAjszBH8IGjMS1rkYItr3%252Fk4v%252BNmOiFkjkxKbH6GmP%252Bmgdp%252BQFDAmlS7jBpOs3IArUtime89enasY%252FVyTyTHLa8rWb%252FOpRc%252BfwfH0XU%252Fn62z4HWfR4Zg%252FYbuyDLwK2zSGElpQ9ETz%252FG2xWJ36af%252FXJJ7RlEvy1UEAJK%252BbV%252FhGMfwAUcWZ7OYMlfXzkY2pm31mmWjgNLMcseVH2HXhZkoeKxrhi3C6iyYoBJdrjLKjaD4nFzGs84VySpy%252BJAM6FrE7UMZnLKAj5xV%252F3XuvXHM7JWTbCEZ2r2dl9EHwic2hV1bviUEn59UVMHtg65nBdIBgzA1gDAfan061LcOzV9M2F5EW7iUe7FtEQ3bQzTai68GBK%252FOFp%252Fgg9XJGkucLLKJVQhctNZ6p52SIvnzaAdN7fyjXYXjNAiN3yKJ0raiD29Uh%252FOGT8sjpe1smk2L8%253D
Header Params
clientKey
string 
optional
Example:
8eea07aa-bffa-11ea-b4a1-00505694c27b

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://openapi-stage-hk.orangeconnex.com/oauth/token?client_id=bd1d1971-d0db-11ea-b4a1-00505694c27b&grant_type=authorization_code&redirect_uri=https://www.baidu.com&code=gTJjJKyOR0F%252FYo5%252BQ0Xz0rG0%252BVPpSFWX67aQAH%252FhqwYIuvb30f15LEFthn%252BMPamdgeQ0u%252BO5iY3dLC5jE%252BtnYh4Bp3KpwMEoz1Y9PYmcuzNqx2T3OteAACZAByPM5f7fkaaa8HggrVEPW70wqbRLVHufOUCXUtpIc4RFh%252B6tpizJ3hKhD7J9MwdIK38rada7gnbqyViZxnWnG%252F8OcSxY9XGe8CKeUdgQIgwKWVBHGrD7dZOAjszBH8IGjMS1rkYItr3%252Fk4v%252BNmOiFkjkxKbH6GmP%252Bmgdp%252BQFDAmlS7jBpOs3IArUtime89enasY%252FVyTyTHLa8rWb%252FOpRc%252BfwfH0XU%252Fn62z4HWfR4Zg%252FYbuyDLwK2zSGElpQ9ETz%252FG2xWJ36af%252FXJJ7RlEvy1UEAJK%252BbV%252FhGMfwAUcWZ7OYMlfXzkY2pm31mmWjgNLMcseVH2HXhZkoeKxrhi3C6iyYoBJdrjLKjaD4nFzGs84VySpy%252BJAM6FrE7UMZnLKAj5xV%252F3XuvXHM7JWTbCEZ2r2dl9EHwic2hV1bviUEn59UVMHtg65nBdIBgzA1gDAfan061LcOzV9M2F5EW7iUe7FtEQ3bQzTai68GBK%252FOFp%252Fgg9XJGkucLLKJVQhctNZ6p52SIvnzaAdN7fyjXYXjNAiN3yKJ0raiD29Uh%252FOGT8sjpe1smk2L8%253D' \
--header 'clientKey: 8eea07aa-bffa-11ea-b4a1-00505694c27b'

Responses

🟢200OK
application/json
Body
access_token
string 
optional
Value of access token. When 3PP requests APIs (exclude "getServiceList" API), access token should be contained in a header named "Access-Token".
error
string 
optional
error_description
string 
optional
expires_in
integer <int32>
optional
Duration of validity of access token.
refresh_token
string 
optional
Value of refresh token. If the access token is expired, 3PP uses the refresh token to get a new access token and its expiration date.
token_type
string 
optional
Fixed value: "bearer"
Examples
{
    "error": "invalid_grant",
    "error_description": "Invalid authorization code: gTJjJKyOR0F%2FYo552BQ0Xz0rG0%2BVPpSFWX67aQAH%2FhqwYIuvb30f15LEFthn%2BMPamdgeQ0u%2BO5iY3dLC5jE%2BtnYh4Bp3KpwMEoz1Y9PYmcuzNqx2T3OteAACZAByPM5f7fkaaa8HggrVEPW70wqbRLVHufOUCXUtpIc4RFh%2B6tpizJ3hKhD7J9MwdIK38rada7gnbqyViZxnWnG%2F8OcSxY9XGe8CKeUdgQIgwKWVBHGrD7dZOAjszBH8IGjMS1rkYItr3%2Fk4v%2BNmOiFkjkxKbH6GmP%2Bmgdp%2BQFDAmlS7jBpOs3IArUtime89enasY%2FVyTyTHLa8rWb%2FOpRc%2BfwfH0XU%2Fn62z4HWfR4Zg%2FYbuyDLwK2zSGElpQ9ETz%2FG2xWJ36af%2FXJJ7RlEvy1UEAJK%2BbV%2FhGMfwAUcWZ7OYMlfXzkY2pm31mmWjgNLMcseVH2HXhZkoeKxrhi3C6iyYoBJdrjLKjaD4nFzGs84VySpy%2BJAM6FrE7UMZnLKAj5xV%2F3XuvXHM7JWTbCEZ2r2dl9EHwic2hV1bviUEn59UVMHtg65nBdIBgzA1gDAfan061LcOzV9M2F5EW7iUe7FtEQ3bQzTai68GBK%2FOFp%2Fgg9XJGkucLLKJVQhctNZ6p52SIvnzaAdN7fyjXYXjNAiN3yKJ0raiD29Uh%2FOGT8sjpe1smk2L8%3D"
}
🟢201Created
🟠401Unauthorized
🟠403Forbidden
🟠404Not Found
Modified at 2025-06-18 08:29:13
Previous
URL(getAuthorizationCode)
Next
Refresh AccessToken
Built with