In WooCommerce 2.4 we now have a tab in the settings dedicated to our Rest API. Previously these options were scattered around in the general and webhooks tab and user pages. These are now grouped.
In addition, API keys are no longer found within each user profile. Everything is grouped and a user can have multiple API keys. Previously a user could only have 1 key.
In 2.4 it’s easy to organise your keys and know what each key was generated for and when it was last used.
We also did some security updates to generate hashes from the new keys. Keys can only be viewed at the time they are generated:
API Authentication Endpoint
Our authentication endpoint allows easy integration between WooCommerce and Apps, since the API keys are created with just one click from the store manager.
This facilitates the integration, especially for Apps on mobile devices.
To generate a URL for our authentication endpoint is quite simple.
You must use our new
/wc-auth/v1/authorize endpoint and pass the following parameters as query string:
app_name– Your app name
scope– Level of access. Available:
user_id– User ID in your app (for your internal reference)
return_url– URL that will be used for receive the user back
callback_url– URL that will receive the generated API key. Important to note that this URL should be over SSL
Here an example in PHP and soon it will also be available in our REST API docs:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|$store_url = 'http://example.com';|
|$endpoint = '/wc-auth/v1/authorize';|
|$params = array(|
|'app_name' => 'My App Name',|
|'scope' => 'write',|
|'user_id' => 123,|
|'return_url' => 'http://app.com',|
|'callback_url' => 'https://app.com'|
|echo $store_url . $endpoint . '?' . http_build_query( $params );|