The Ecwid API authentication uses oAuth2 so you can get an access to the API by asking user consent without them having to copy and paste any credentials. See "Authentication basics" for more details. The way you get an access token for a particular store depends on how your application is installed — in most popular cases, Ecwid handles part of the oAuth process so you can get a token easier.
- For the applications installed from the Ecwid App Market, the consent step is handled by Ecwid. So, after your app is installed, you will get either an access token itself or a temporarily code you can exchange for a token.
- For the applications distributed outside the Ecwid App Market, the process involves full OAuth flow . You will need to send user to a consent dialog, get a temporarily code upon user permission and then exchange the code for a token.
- For the single-store customizations, you can get bypass oAuth and get a token from the Ecwid Control Panel.
See details below.