-
Notifications
You must be signed in to change notification settings - Fork 6
Configuration & Setup
Before you can use the Powershop API, you must sign up for an API account for your product. We are no longer offering API keys, but we may consider doing it again in the future. All API accounts have a controlled number of requests per hour that they may submit. If you feel that your application will be submitting many requests, please mention this to the Powershop team.
The Powershop API is available over HTTPS. It returns responses in JSON or XML format.
This API uses the OAuth 1.0a protocol. This allows users to authenticate themselves without entering their password into your application. OAuth libraries are available for all major development platforms, including PHP, Ruby and the iPhone.
For information about OAuth, visit: http://oauth.net/
It is a condition of using the Powershop API that you are never able to directly capture the user's password. This includes, for example, using a web control on the iPhone inside your application. Please search for “iphone oauth” to see how others have implemented OAuth for iPhone apps.
Your OAuth library will require several URLs to be configured. For Powershop, these are:
Request Token URL: "https://secure.powershop.co.nz/external_api/oauth/request_token"
Authorize URL: "https://secure.powershop.co.nz/external_api/oauth/authorize"
Access Token URL: "https://secure.powershop.co.nz/external_api/oauth/access_token"
For the test environment, replace “https://secure.powershop.co.nz” with “https://stable.test.powershop.co.nz”.
A callback URL passed to the request token URL is required, as per the OAuth 1.0a specification. Note that your OAuth library may not require this parameter; you must manually specify it in this case or update the library to the latest version.