To help Wish API partner integrators better understand the Wish API documentation, what operations can be performed through the API (compared to direct operations on the Wish merchant platform), and what supporting features are critical to building Wish integrations, we have created the following guide to guide API partners in creating open service applications through the API. Please follow the steps below:
1. Register an open service application in the Wish Sandbox environment:
1). Partners register ERP through the ERP registration page in the Wish Sandbox environment, and can refer to the Wish API documentation.
2). Partners send an email to the Wish Partner API mailbox (partner-api@wish.com) to inform Wish that you have registered ERP and hope to access the Wish Sandbox environment through the API.
3). Wish will review the partner’s application.
4). Once the application is approved, the partner can log in.
5). Click Account > Create Application.
Create an application name (use the name you want merchants to see). OAuth requires a redirect URL (for receiving authorization, you can change this URL at any time).
Please note that merchants cannot see the details of the previous page in the sandbox.
6). The partner will be given a client ID and client secret for merchant account testing in the Wish sandbox (the client ID and client secret are required to complete the Wish API OAuth process in the sandbox).
2. The partner can log in to the sandbox again as a merchant. Since this is a sandbox environment, the partner does not have to enter real merchant information.
1). The partner logs in to Wish with a new email (different from the email used when registering for ERP) and starts developing open service applications as a merchant.
2). Associate the virtual merchant account with the ERP partner.
a). When logging in as a merchant in the sandbox, the merchant should change the URL to https://sandbox.merchant.wish.com/v3/oauth/authorize?client_id={client_id}, where {client_id} is the client_id generated by the ERP when the merchant created the open service application. The system will then display a prompt asking the merchant to authorize ERP to fully access the merchant’s store.
b). Once the merchant authorizes, the URL will change to https://example.redirect.uri.com?code={authorization_code}, which is the location that the ERP specified to redirect to when creating the open service application.
c). At this point, you can follow the typical OAuth flow.
d). All API requests should include an access_token. Access tokens are valid for 30 days.
e). To obtain a new access token, you can use refresh_token. This action will invalidate the previous token.
3). Partners will conduct all testing in the Wish Sandbox environment.
4). You can proceed without requesting additional approval from Wish.
3. Register an Open Service Application in the Wish Production Environment
1). Partners register ERP in the production environment through the ERP registration page in the Wish production environment.
2). Partners send an email to the Wish Partner API mailbox (partner-api@wish.com) to inform Wish that you have registered ERP and hope to access the Wish production environment through the API.
3). Wish will review the partner’s application and notify the partner if any problems are found.
4). After approval, you can log in to your account and select Account > Create App.
Partners enter the information to be published in the Wish App Store. “App Name” and “Redirect URL” are required fields. Partners can also enter additional information such as app logo, value proposition, description, website and/or customer service email address, which will need to be reviewed as this information will be displayed to merchants.
Entering this additional information does not affect the creation of open service applications and API integrations, but these fields will only be published to the Wish App Store after approval. In the meantime, the approval status of these additional information fields can be reviewed as shown below.
You can review and edit all the information submitted above (mandatory or additional information) by going to Account > App Settings. If the information in the additional information fields is edited or deleted, it will need to be reviewed again.
5). Refer to the Wish production environment API documentation.
6). Partners complete the OAuth process.
7). Partners need to enable Wish production environment integration and remember to point API calls to the Wish production environment, not the sandbox environment.
4. Merchants must register a unique store account on the Wish merchant platform and authorize ERP to send data to and receive data from the merchant’s Wish store.
1). When registering a merchant account, merchants need to submit information to verify their business license and personal information ID, which will be reviewed and approved by Wish.
2). The merchant account will be reviewed and approved by a Wish account manager representative.
3). Merchants then need to authorize ERP in one of the following ways:
a). Merchants select an ERP and register an account.
(i) If the merchant selects the Wish Authorization link on the ERP interface, they are redirected to the “OAuth Authorization” page, where they can authorize ERP.
? The link should look like this, with the ERP’s unique production client ID: https://merchant.wish.com/v3/oauth/authorize?client_id={PRODUCTION_CLIENT_ID}
(ii) If the merchant clicks “Authorize”, they are redirected to the “Redirect URI” specified by the ERP and provide an authorization code. The ERP will use this authorization code to call the Wish API to obtain an access token.
b). The merchant searches for ERP in the Wish App Store (Note: this process has not yet been launched, but the ERP should be able to handle this process in preparation for future launches):
(i) If the merchant selects “Add App”, they are redirected to the “OAuth Authorization” page, where they can authorize the ERP.
(ii) If the merchant clicks “Authorize”, they are redirected to the “Redirect URI” specified by the ERP and provide an authorization code. The ERP will use this authorization code to call the Wish API to obtain an access token.
? If the ERP-specified “Redirect URI” page does not handle the situation where the merchant is not logged in and/or does not have an ERP account, the connection may not be complete.
? To complete the connection, prompt the merchant to log in or register with the ERP. Then add the authorization code to the URL and complete the OAuth flow after the merchant logs in or creates an account.
c). This completes the authorization process.
d). If the merchant wants to cancel the ERP authorization, they can cancel the authorization at any time through the “Account” > “Settings” > “API Settings” on the Wish Merchant Platform.
Please note that to increase the security of the Open Service App, partners can now add up to 2 OAuth client keys for the Open Service App. Simply go to the “App Settings” page and click “Add a second key” below the first client key to add the second one:
If the client keys have been compromised, partners can also change the 2 client keys as needed by deleting the old key and adding the new key.
Note: To find links to documentation, tips, tutorials, etc., go to the Wish Developer page.
Article content source: Wish merchant official website