YouCan Developer

Appearance

Connect OAuth

To connect to YouCan API, you can use the standard OAuth 2 to get an access token.

Prerequisites

Before you begin, ensure you have a Partner Account with YouCan. You can register here.

Setting Up OAuth

To use OAuth, follow these steps in your Partner Dashboard to generate OAuth Credentials:

  • Go to the OAuth tab in the Partner Dashboard and create a new client.
  • Fill in the app details including name and redirect URLs.
  • Select the required scopes.
  • After saving, your Client ID and Client Secret will be generated and displayed.

Authorization Request

To obtain an authorization code, redirect the seller to YouCan with the following URL:

https://seller-area.youcan.shop/admin/oauth/authorize?client_id=<CLIENT-ID>&redirect_uri=https://myapp.com/callback&response_type=code&scope[]=*

Exchange Code for Access Token

After the seller accepts the request via the authorization popup, they will be redirected to the specified redirect URI (https://myapp.com/callback). You can then exchange the authorization code for an access token. Here's an example using Laravel:

php
Route::get(
    '/callback',
    function (Request $request) {
        // If an error occurred or seller rejected authorization
        if ($request->has('error')) {
            if ($request->get('error') === 'access_denied') {
                return 'You canceled the request';
            }

            return "an error occurred";
        }

        $http = new GuzzleHttp\Client;

        $response = $http->post(
            'https://api.youcan.shop/oauth/token',
            [
                'form_params' => [
                    'grant_type'    => 'authorization_code',
                    'client_id'     => '<CLIENT ID>'
                    'client_secret' => '<CLIENT SECRET>',
                    'redirect_uri'  => 'https://myapp.com/callback',
                    'code'          => $request->get('code'),
                ],
                'http_errors' => false,
            ]
        );

        return json_decode((string)$response->getBody(), true);
    }
);

Response:

json
{
    "token_type": "Bearer",
    "expires_in": 1295999,
    "access_token": "<ACCESS TOKEN>",
    "refresh_token": "<REFRESH TOKEN>"
}

As an alternative, you can request, regenerate and revoke an access token from your seller-area in Settings > Developer Settings

Refresh Token

The access token typically has a lifetime of one year unless it's revoked. You can refresh it using the refresh_token attribute you got from the response. Here's an example of how to refresh it:

php
$http = new GuzzleHttp\Client;

$response = $http->post(
    'https://api.youcan.shop/oauth/token',
    [
        'form_params' => [
            'grant_type'    => 'refresh_token',
            'client_id'     => '<CLIENT ID>',
            'client_secret' => '<CLIENT SECRET>',
            'refresh_token' => '<REFRESH TOKEN>',
        ],
        'http_errors' => false,
    ]
);

© 2022-2024 YouCan