Authentication

How to get working with the API

This document assumes that you already have an application created inside the Linnworks developer portal. If you do not, please follow the guide before this.

Linnworks uses an access token approach to allow an external party to access an accounts data. This access token is obtained by a user installing an application. Some types of applications automatically generate tokens, such as external user interfaces and external applications (eg. Mobile applications, external integrations). Others do not require tokens as they are managed internally (eg. Channel integrations and shipping integrations).

In order to get started you will need:

  • Your application ID
  • Your application secret
  • An access token

To generate an access token you can start by adding a module with the type "External Application" in your application (Located on the developer portal). This will tell Linnworks, upon installing the application on the user account, to generate a token that can be provided to you which can be used to act on behalf of the user.

Once the above step is completed you can go ahead and click the installation URL for the application. This is provided on the main page of the application view in the developer portal. Enter your Linnworks details and in the version dropdown select "Development version" (Selecting development version allows you to have the latest version of your manifest installed at a given time meaning you can see the changes on the fly). Once installation is completed you should see an access token presented to you. Take note of this token for the next step.

Once you have an access token you can generate a session. An access token is used to generate a session and the session is used to communicate with the API. To generate a session, use the authenticate call in the Authentication section with your application Id, secret and access token to generate a new session.

After generating the session, use the response objects value in the "Token" field in subsequent calls to the API to act on behalf of the user. The token should be stored in the Authorization header. You will also need to use the locality returned from this call. You should call https://{locality}-ext.linnworks.net/api. Please note: You can only call the EU server directly from this readme documentation.