We support two methods for authorizing the calls you make to the eBay APIs:

  • OAuth—All eBay RESTful APIs use the OAuth 2.0 protocol for application and user authorization. OAuth is the industry standard for assuring your online transactions are secure. You must provide a valid access token for each request you make to the eBay RESTful interfaces. OAuth access tokens verify to eBay that a request is coming from a valid application and that the application has the user's authorization to carry out the requests. You can also use OAuth tokens with eBay Traditional APIs.

    Important: If you use Traditional APIs like the Trading API, we recommend that you use OAuth, but eBay's older Auth'n'Auth process is still available for older applications.

    The OAuth scopes assigned to your application allow it to access specific API resources and methods. A valid OAuth token can successfully authorize a request only if the token was generated with the scope required by the target method.

    You can see the OAuth scopes for your application in Application Keys.

  • Auth’n’Auth—The authentication and authorization technology used by eBay Traditional APIs.