Private apps can interact with the ShopBase API on behalf of only one particular store. These apps authenticate with ShopBase through basic HTTP authentication. The required credentials must be generated from the ShopBase admin of the store that you want to connect with your app.
Before you can authenticate a private app to ShopBase, you need to generate the required credentials from the ShopBase admin of the store that you want to connect with your application. If you don't have a ShopBase store, then you can create a development store.
After you've provisioned a development store, log in and then generate the required credentials from the development store admin:
- 1.From your ShopBase admin, go to Apps.
- 2.Click Manage private apps, near the bottom of the page.
- 3.Click Create a new private app.
- 4.In the App details section, enter a name for the private app and a contact email address.ShopBase uses the email address to contact the developer if there is an issue with the private app, such as when an API change might break it.
- 5.In the Admin API section, select the areas of your store that you want the app to be able to access.
- 6.Click Save.
You'll see your API key and password in the Admin API section. You can use these credentials to make authenticated requests to the ShopBase store that uses your application.
Treat the API key and password like you would any other password, because whoever has access to these credentials has full API access to the store.
A private app can make authenticated requests to the ShopBase Admin REST API using basic authentication or by including its ShopBase access token in the request header.
Private apps can authenticate through basic HTTP authentication by using their Admin API key and password as a username and password. You can generate these credentials from the ShopBase admin of the store that you want to connect with your app.
Some HTTP clients support basic authentication by prepending
username:password@to the hostname in the URL. For example:
If your HTTP client doesn't support basic authentication using this method, then you can provide the credentials in the
Authorizationheader field instead:
- 1.Join the API key and password with a single colon (
- 2.Encode the resulting string in base64 representation.
- 3.Prepend the base64-encoded string with
Basicand a space:Authorization: BasicNDQ3OGViN2FjMTM4YTEzNjg1MmJhYmQ4NjE5NTZjMTk6M2U1YTZlZGVjNzFlYWIwMzk0MjJjNjQ0NGQwMjY1OWQ=