I am working on Walmart integration to my own web application using PHP. When I tried to acknowledge my Mexico orders, I got an empty response. The data type of response is string with 0 length, error code 400. It looks like my credentials are good. Is "https://marketplace.walmartapis.com/v3/orders/{PurchaseOrderId}/acknowledge" a valid API url?
$url="https://marketplace.walmartapis.com/v3/orders/P108915403/acknowledge";
$ch = curl_init();
$qos = uniqid();
$options = array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_HEADER => false,
CURLOPT_POST =>1,
CURLOPT_HTTPHEADER => array(
"WM_SVC.NAME: Walmart Marketplace",
"WM_QOS.CORRELATION_ID: $qos",
"Authorization: Basic $authorization",
"WM_SEC.ACCESS_TOKEN:$token",
"Accept: application/json",
"Content-Type: application/json",
"WM_MARKET: mx",
),
);
curl_setopt_array($ch, $options);
$response = curl_exec($ch);
var_dump($response);
Code Snippet
After putting it aside for a few months, today I picked it up and finally got it resolved luckily and got a 202 Accepted Response with empty content(Walmart's documentation says the response to a successful call contains the acknowledged order, but it actually contains nothing except for 202 Accepted code).
When I tried to acknowledge my Mexico orders, the response is actually not empty. The header contains error message: http code 400 Bad Request. I confirmed that it is due to wrong payload structure after testing.
So "https://marketplace.walmartapis.com/v3/orders/{PurchaseOrderId}/acknowledge" is a valid API URL and is the same as US API. The difference between them is that MX site needs a well-structured payload through POST while US site does not(US API only needs an empty payload through POST).
The key point to a successful call is the structure of the payload. The structure should be like the samples in the documentation.
Pay attention to the details of the structure. Refer to the picture for the structure of payload here.
The "orderLine" and "orderLineStatus" should be declared as ARRAY instead of single element. And this is the reason why I failed to call the acknowledge API before.
Looks like you are using an old API, which has been discontinued, the same has been communicated late December 2020.
We have improved our onboarding experience with following steps:
Create an account on Walmart IO platform - https://walmart.io by clicking on the user icon just before the search box.
Login to the account and accept "Terms of Use"
Click on "Create Your Application" to create a new application and fill in appropriate details.
Use this tutorial to generate two sets of public/private keys - https://walmart.io/key-tutorial
* One set will be used for production.
* Other set will be used for stage.
Upload both public keys using - https://walmart.io/key-upload?app_name=<your app name>
Consumer ID will be generated for both sets for prod and stage which can be seen on the dashboard - https://walmart.io/userdashboard
Click on "Request Access" for Checkout APIs at https://walmart.io/reference and fill out the form.
Once the access is approved, documentation will be available for integrating with Commerce API through Walmart I/O.
We will send out client secrets for stage and prod as soon as they’re ready.
Thanks,
Firdos
IOSupport
Related
I am using a fairly simple piece of code to send events to a Google Analytics account:
$req = curl_init('https://www.google-analytics.com/collect');
curl_setopt_array($req, array(
CURLOPT_POST => TRUE,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_POSTFIELDS =>
"v=1&t=event&tid=UA-40825301-52&cid=123456&ec=test&ea=test2&el=test3&ev=123&utmcsr=google&utmcmd=organic"
));
$response = curl_exec($req);
What I am trying to achieve is sending offline conversions to our Google Analytics as events. We do know the initial source of these conversions and want this data in Google Analytics too. utmcsr and utmcmd are supposed to be used to send source & medium data but.. all events end up as direct traffic. Any idea what might be the issue?
What you're using is called Measurement protocol. There are multiple comfortable libraries to use it. You still can use it through curl, but then I don't recognize the utmcsr and utmcmd. Where are they from?
Here is the parameter reference for it: https://developers.google.com/analytics/devguides/collection/protocol/v1/parameters I don't see there the parameters you're trying to pass in your request.
The utm params are a part of the dl parameter. The document location. You can inspect an existing collect call and see how this info is passed. Here, I used SO's existing tracking, just faked the utm params:
Disregard all cd parameters and the dp. You don't seem to be needing them for now.
Feel free to explore the measurement protocol properly starting from here: https://developers.google.com/analytics/devguides/collection/protocol/v1
It appears that using the cm and cs parameters allow you to post source and medium to Google Analytics with server side analytics tracking.
What helped me tremendously:
https://ga-dev-tools.web.app/hit-builder/
https://developers.google.com/analytics/devguides/collection/protocol/v1/parameters
My code:
$req = curl_init('https://www.google-analytics.com/collect');
curl_setopt_array($req, array(
CURLOPT_POST => TRUE,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_POSTFIELDS =>
"v=1&t=transaction&tid=UA-40825301-52&cid=e87f9f6f-fba1-4922-9319-98e3c1d6f7c6&dp=%2Freceipt&dt=Receipt%20Page&ti=T12345&ta=Direct&tr=37.39&tt=2.85&ts=5.34&tcc=SUMMER2013&pa=purchase&pr1id=P12345&pr1nm=Android%20Warhol%20T-Shirt&pr1ca=Apparel&pr1br=Google&pr1va=Black&pr1ps=1&utm_source=google&utm_medium=ads&ds=web&cs=google&cm=organic"
));
$response = curl_exec($req);
$curl = curl_init();
Hello all i have created with google oauth api an easy way to validate an ID token signature for debugging by using the tokeninfo endpoint.
To validate an ID token using the tokeninfo endpoint, i make an HTTPS POST or GET request to the endpoint, and pass my ID token in the id_token parameter. For example, to validate the token "XYZ123", make the following GET request:
https://oauth2.googleapis.com/tokeninfo?id_token=XYZ123
If the token is properly signed and has the appropriate values I got an HTTP 200 response (i follow this guide https://developers.google.com/identity/sign-in/web/backend-auth)
What is the alternative choice within apple? Any recommendations on how to fix the exact same thing for apple?
Here is an example of my code:
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://oauth2.googleapis.com/tokeninfo?id_token=' . $request->input('token'),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
));
$response = curl_exec($curl);
curl_close($curl);
$responseDecoded = json_decode($response);
if (isset($responseDecoded->error)) //FAILED TO GOOGLE AUTHENTICATED
{
if ($responseDecoded->error=='invalid_token')
{
return response()->json(['status' => 'fail', 'message'=>'invalid_token']);
}
}
A key thing to understand here:
There are a myriad of ways for users to sign in - one of them is Apple - they come and go - see the Curity Authenticators Page to get a feel for this.
Protecting your data should work the same in all cases.
So if you base your data protection around Apple it will just not work for people who do not use Apple to sign in and you are restricting your possibilities.
Here is how the solution should work:
Your UIs and APIs talk to an Authorization Server (AS)
The AS manages the connection to Apple and the 25 other possible authentication methods
Every time you add a new authentication option, zero code needs to change in any of your UIs and APIs
Your UI and API code remains simple and portable over time
To summarize, I would recommend your apps talk to Google OAuth2 - which helps to protect your data, whereas Apple should play a smaller role of being an authentication method - Google should talk to Apple for you.
At Curity we provide a Sign in with Apple capability. Our main mission is around protecting data though ...
ID TOKEN VALIDATION
If this is received in a browser response it should be validated by the app. This usually involves downloading token signing public keys from the Authorization Server. Some providers may give you an endpoint that does this as in the Google case.
Apple provide some (non standard) behavior as in this link to do an equivalent thing.
But coding this in your app is likely to lead to further problems later, when you try to implement authorization. Note also that an ID token should not be used to protect data in APIs - use access tokens instead.
I am trying to use the Xero API to send an Invoice Email on my WordPress site. But I am unsure how to set the authorization header I have attempted the following:
$args = array(
'headers' => array(
'Content-Type: application/x-www-form-urlencoded',
'Authorization' => 'Basic ' . base64_encode('myClientID' . ':' . 'myClientSecret')
),
);
$response = wp_remote_post('https://api.xero.com/api.xro/2.0/Invoices/2dfa4120-1fd2-4e67-927e-c16ac821226c/Email', $args);
print_r($response);
This gives me a response of 404 unauthorized. Is there something I'm missing or doing wrong?
the Authorization header actually requires a valid access_token be set, not the id / secret combo. You can read more about the code flow required to get a token here: https://developer.xero.com/documentation/oauth2/auth-flow
If you familiar with PHP you can look through code in the PHP SDK sample app here: https://github.com/XeroAPI/xero-php-oauth2-app
Is your goal to send that invoice email to a dynamic organisation, or simply send an invoice from your own personal org?
Fortunately (or unfortunately) early next year we will have the option for this embedded access_token - but if you wanted to set this up in the interim you will need to generate an access token from a user flow, and then setup the backend mechanism to have it be refreshed prior to usage which I explain in this youtube vid: https://www.youtube.com/watch?v=Zcf_64yreVI
More about "machine 2 Machine" integrations aka the client_credentials OAuth2.0 grant
https://developer.xero.com/announcements/custom-integrations-are-coming/
I am new to Quickbooks API. I have found APIs list under API Exolorer link in Quickbooks. They have shown the Request URI & Request Headers that are needed for making the API call. I can understand that. But how to call that URI or how to integrate that API with PHP is not exactly specified. I tried to call the URI and get the results using curl,but it didn't succeed. I have lost lot of time for this integration. I have searched google in all possible way. But most of the results coming related to PHP SDKs. But I need to integrate the Quickbooks Online API.
The Request URI for creating an entity is looks like below.
https://{{baseurl}}/v3/company/{{companyid}}/account
Please help me to sort this out.
As most people suggested, using the PHP SDK is going to be the easier way for integrating QuickBooks Online with PHP: https://github.com/intuit/QuickBooks-V3-PHP-SDK
However, using plain PHP cURL is also possible, but a few concepts you need to understand before making the API call:
1) OAuth 1.0 protocol
It is what most developer get confused of. QuickBooks Online use OAuth 1.0 as authorization protocol. You need to spend sometime to understand how it worked. For documentation, you can read it here: https://developer.intuit.com/docs/0100_quickbooks_online/0100_essentials/000500_authentication_and_authorization/connect_from_within_your_app
However, I suggest you play with the OAuth playground, it gives you a feeling for how it looked like when you implement it: https://appcenter.intuit.com/Playground/OAuth/IA/ (fill your Consumer key and secrets, click on Connect to Quickbooks Button)
During the process, it will return something called: RealmID. That is the companyid in QBO, put it on the URL.
2) The base URL
When you create an app at developer.intuit.com, under keys tab, you will see Development Keys and Production Keys. The corresponding keys at the right side is what you need to fill for the {baseurl} part(For example, besides development keys, there is place called "Accounting Sandbox Url" : "sandbox-quickbooks.api.intuit.com"). For each API entity endpoint, refer to the documentation: https://developer.intuit.com/docs/api/accounting/customer
3) Authorization header
You are unlikely to implement it by yourself for OAuth 1.0. Twitter has a good link for how to use the Access Token and Access Token secrets from step 1) to generate signature: https://dev.twitter.com/oauth/overview/creating-signatures
You will put the signature as part of the authorization header.
If you are using POSTMAN, they have OAuth 1.0 as authorization protocol available for you. Here is an example
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://sandbox-quickbooks.api.intuit.com/v3/company/193514340994122/account/1",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
"authorization: OAuth oauth_consumer_key=\"qyprdDjYtPpiEpbwFQZuUoAjubpVqm\",oauth_token=\"lvprdfblXv4LqNVhIv2WH2JebiSZgNs9POiEoCJxMwEhqbgc\",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"1494441064\",oauth_nonce=\"cfh0b7\",oauth_version=\"1.0\",oauth_signature=\"KqpN9ximPGWnWJBaXg1Vs9urJLY%3D\"",
"cache-control: no-cache",
"postman-token: 7c570691-c6cd-a706-67a0-984c5ddb1e6a"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
I'm trying to add a new Deal with the Pipedrive API.
To do so I've followed this tutorial: http://support.pipedrive.com/customer/portal/articles/1271064-how-to-send-in-deals-using-a-web-form
But there's something I didn't understand:
"Email API gives your company a special email address you can use to
automate lead generation and adding of new contacts and
organizations."
Where can I get this email address, there's no other mention of it at the tutorial?
Since I'm unable to follow the tutorial I'm trying to add a new deal with cURL, this is the code:
<?php
$deal = array("item_type" => "deal","stage_id" => 1,"title" => "Atendimento Web Site","organization" => "Company","owner" => "johndoe#company.com.br","visible_to" => 2,"person" => array("name" => $nome,"email" => $email,"organization" => $empresa,"phone" => $tel));
$deal_string = json_encode($deal);
$ch = curl_init('https://api.pipedrive.com/v1/deals?api_token=TOKEN');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $deal_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json, charset=UTF-8',
'Content-Length: ' .strlen($deal_string))
);
echo $deal_string;
echo curl_exec($ch);
?>
And this is what I get:
iten sent -> {"item_type":"deal","stage_id":1,"title":"Atendimento","organization":"Company","owner":"owner#mail.com.br","visible_to":2,"person":{"name":"Jo\u00e3o Neto","email":"mail#mail.com.br","organization":"Company 2","phone":"7112345678"}}
return from api -> {"success":false,"error":"Deal title must be given.","data":null,"additional_data":null}
Where's the error?
About the email support it's true that you are mixing two thing, although it was also happened to me the first time. I admit it would seem strange, an API in which you can use emails.
Anyway, I was working on a simple integration between Pipedrive and another platform and I used the full REST API.
I noticed every time you have an error creating a Deal or you make a mistake in the Json (even if title is ok), you always get the same answer "error":"Deal title must be given.". Of courses it won't help you too much.
So, I recommend you to use some tools like RESTClient for Firefox to simplify the problem at the beginning or even Firebug to sniff it from https://developers.pipedrive.com/v1 making use of their tools to understand the request a little bit better. After that, you can do it more complex.
I am putting you a screenshot in which you can see the simplest example. I hope it will be useful for anyone
I'd receive an email from Pipedrive Support with a full anwser.
*Hi,
Thanks for reaching out!
I'm sorry to hear about the trouble!
So you're mixing up two completely separate things. You're sending in the JSON object needed for the Email API into the REST API.
You have 2 options.
You could go full on with the email API. To do this you need to log into your Pipedrive account, navigate to the Settings, Features page and enable the Email API feature. Then click through to the email API page and get the email address you need to send the object to. And then alter your PHP code to send in that object to that email address as a plain text email. No curl or API token needed for that.
You could clean up the data object you're sending in with the REST API. But you need to understand that the REST API works a little different from the Email API. So you can't just send in the person object along with the deal. You would first need to POST in the person with all the details to the persons endpoint and get back the ID. You can then use the person ID in the deals POST.
I hope this helps
Martin Henk | Co-Founder, Head of Customer Support
Pipedrive*