I'm pleased to announce that our new Developer Community pages and API
are live now at http://www.etsy.com/developers!
Until yesterday, our API has been proxied by Mashery, who've handled
our API keys, rate limiting, and OAuth authentication. Our Developer
Community pages at developer.etsy.com have also been hosted by
Mashery. Mashery has been a great help to us over the past two
years, and we wish them the best for the future. However, for various
reasons, it makes sense for us now to take over hosting the full API
infrastructure from end-to-end.
Here are some important things to know:
* The production API has moved to http://openapi.etsy.com/v2. The
separate /v2/public and /v2/private entry points are now deprecated
(although we'll still support the old URLs for 90 days.) The API now
detects whether or not you are using OAuth automatically; so the
separate /private and /public paths are no longer needed.
* The sandbox API has moved to http://sandbox.openapi.etsy.com/v2/.
The http://openapi.etsy.com/v2/sandbox/* entry points are no longer
supported.
* Your production API keys have been migrated to the new platform. If
you had an App Gallery entry, your keys should already be associated
with your Etsy member account at
https://www.etsy.com/developers/your-apps.
* If you did not have an App Gallery entry, please visit
https://www.etsy.com/developers/account-migration to "claim" your
production API keys and associate them with your Etsy member account.
* Sandbox keys are no longer needed and have been discarded. The new
API uses the same keystrings and shared secrets for both the production and
sandbox APIs.
* If you did NOT yet have a production key, visit
https://www.etsy.com/developers/register to get a new API key.
* Request tokens now include a fully-populated 'login_url' element.
Please start using this verbatim and do not add or change any
parameters. We will support the old login URL patterns to the best of
our ability for the next 90 days.
We're also introducing an entirely new feature with this relaunch:
OAuth Permission Scopes. These allow you to narrow down the list of
permissions that Etsy members see on the OAuth signin page to just the
permissions you intend to use. To get started, see the documentation
at http://www.etsy.com/developers/documentation/getting_started/oauth.
To maintain backwards-compatibility, for the time being, we're
interpreting request tokens with no "scope" parameter to involve all
possible permissions (some of you noticed the expanded list visible
on the OAuth signin page yesterday.) Once everyone has updated their
apps, we'll redefine blank scopes to mean a very restrictive set of
permissions.
Because we are migrating the API to an entirely new platform, there
are bound to be some bumps along the way. As of this writing, 96%
of the requests coming through the new API are being served without
issue. We're aware of the following problems and are actively working
to resolve them:
* Problems with signing OAuth PUT requests (although we're able to
make successful POST requests with "method=PUT", which is equivalent.)
* Problems with signing OAuth POST requests with multipart form data.
Justin Kerr Sheckler
Developer API Lead
Etsy.com
jus...@etsy.com
Justin Kerr Sheckler
Developer API Lead
Etsy.com
jus...@etsy.com
> --
> You received this message because you are subscribed to the Google Groups "Etsy API V2" group.
> To post to this group, send email to etsy-...@googlegroups.com.
> To unsubscribe from this group, send email to etsy-api-v2...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/etsy-api-v2?hl=en.
>
>
Thanks for this information; we're still looking into it.
Justin Kerr Sheckler
Developer API Lead
Etsy.com
jus...@etsy.com
We're using the PECL OAuth extension
(http://pecl.php.net/package/oauth) to provide OAuth services. So
far, we're unable to find a fix on our end for the multipart POST
issue. We do know that multipart POSTs made using PECL OAuth as both
the client and server are successful.
In the meantime, you should try switching your OAuth param-passing
style from headers to query string parameters.
Our apologies that we're unable to find a fix on our end. We realize
that you will need to resubmit to the App Store.
best,
Justin Kerr Sheckler
Developer API Lead
Etsy.com
jus...@etsy.com
I'm pretty sure you need to pass your GET query string parameters into
the client fetch method using its 2nd (optional) parameter, as a PHP
array. This is the same way I see you pass parameters to your POST
example. This tells the client these parameters should be part of the
"sbs" for signing the request.
Can you try that and let us know if that works.
Best regards,
Aaron Gardner
Developer API Team
Etsy.com
When I said "In the meantime, you should try switching your OAuth param-passing
style from headers to query string parameters," I didn't mean to
switch to all GET methods. I just meant that you should configure
your OAuth client to pass oauth_* parameters in the query string
instead of the Authorization: header. This should still be possible,
even with POST requests. For example, see "OAUTH_AUTH_TYPE_URI" in
the PECL OAuth docs: http://php.net/manual/en/oauth.constants.php.
Justin Kerr Sheckler
Developer API Lead
Etsy.com
jus...@etsy.com