Merchant API Users and Roles

Cory M. Updated by Cory M.

The Merchant API allows a system to connect to ShipStream with the scope of data exposed being limited to that of a single Merchant. This is effectively an API that has functionality in parity with the Client UI. For example, it is ideal for integrating a shopping cart as it can be used to create orders, fetch inventory levels, fetch tracking information and update product info among others. It is not allowed to perform functions that pertain to warehouse operations such as picking or inventory adjustments.

To manage Merchant API Users go to System > Integrations > Merchant API Users. Admin users may create Merchant API Users for any merchant, while Client users may only create Merchant API Users for their own merchant account. Each Merchant API User can be assigned to one or more roles to determine the fine-grained access level.

Developers implementing applications using the Merchant API should consult the ShipStream Merchant API Docs.

Create a Merchant API User

  1. Navigate to System > Integrations > Merchant API Users
  2. Click Add New User
  3. Select an existing User or create a new one by clicking Add New User
  4. Select a Merchant to associate with this API user (this step is skipped for Client Users)
  5. Choose a User Name that will be used to connect with the API from the external system
  6. Fill out the First and Last Name and Email in case ShipStream needs to contact your developers regarding the usage of the API
  7. Choose an API Key to act as a password for access to your ShipStream data. It is recommended that this should be at least 32 characters of random characters.
  8. Click on the left side menu item User Role, and choose the role with the correct permissions for this user.
  9. Click Save User.
To prevent accidentally crossing access between Merchants, the Merchant cannot be changed after the API User is saved.

Create a Merchant API Role

A Merchant API Role provides a Merchant API User assigned to a given role with access to the designated resources/permissions.

  1. Navigate to System > Integrations > Merchant API Users
  2. Click API Roles at the top right of the screen
  3. Click Add New Role
  4. Assign the role a Name, and define which permissions to grant the role under Role Resources
    1. The options in Resource Access are "All" or "Custom". Choosing All will grant all permissions to the role, and choosing Custom will allow users to pick the permissions from a tree view that mirrors the main navigation menu options.
    2. For example, if admin users wish to grant API access for the role to Retrieve Orders Info, but not actually create or modify the orders in anyway, they should select Custom and only check the box next to "Retrieve orders info" under the Sales > Order tree item.
  5. Once the API Role is defined click Save Role, admin users can create a new API User to have these permissions

How did we do?

Magento 1 / OpenMage

SPS Commerce