To access the MarketRock APIs, you mustrregister as a developer and accept our data usage terms: register as a developer
\n\nThen, if you don't yet have a MarketRock account with which to connect via API (e.g. the MarketRock account of one of your customers), you can create one for free here: [Register a MarketRock account](https://landing.marketrock.it/it-it/registrati-per-licenza-gratuita)**.**\n\n---\n\nFor complete integration, we suggest following the following steps:
\n\nTo make calls you need to have an access token. The procedure for obtaining one is shown in the chapter \"How to obtain an access token\".
\n\nFolders allow you to organize products. You will probably just need the \"Create\" call. Keep in mind that the folder describes the element of discrimination for, for example, listing products on eBay. That is, products in the same folder will generate listings in the same eBay category.
\n\nOnce you have created the folders, create products inside them using the \"Create\" example (perhaps starting with the \"Create base\"). Before proceeding with this call, however, you need to create price lists on MarketRock. Once you have created them, download the IDs you will need to create the product by running the \"Get all pricelists\" call.
On the products you can (and probably have to) specify:
Once you have managed to create the products, make some basic calls to synchronize prices and quantities of the products that are changed. This is the most operationally important call. To do this, simply look at the \"Update\", obviously specifying only the PricingRows and Availabilities element. I remind you that if you do not specify a price, it will then be removed (causing it to be removed from the market to which that price list is connected).
\n\nOnce the products are on MarketRock, it will then be MarketRock's task to publish them on the various markets, depending on the customer's configurations. At this point, while you continue to update quantities and prices, MarketRock will accept the orders. In this case the general flow is as follows:
At MarketRock we care about the privacy of our users, so we want only applications authorized by our users to be able to access their data and until our users decide to revoke access. The result, once you have been authorized by one of our users, is our receipt of an Authorization Token (called AuthToken) which will allow you to operate on behalf of the client on his MarketRock account.
\n\nThe process for obtaining an authorization token is based on OAuth (if you don't already know, OAuth is a now standard protocol that we decided to implement to solve this need, for more info I recommendthis resource).
\n\nNormally, for these integrations, we use the flow called \"Authorization Code Flow\". This flow consists of these steps:
\n\n< li>if the user accepts, we redirect the user to a page that is on your server, passing a temporary code (usable only once and expiring in 5 minutes)< li>with this code (called code) make a call to our server, authenticating with a pair of keys called client_id and client_secret.
When we bring your application into production, we will issue you a pair of credentials (client_id and client_secret) that will be known only to us and must be kept secret. In this phase I will provide you with a pair of temporary keys, to test the authorization flow directly in Postman.
\n\nThe access token you will receive is valid for 1 day (86400 seconds), for security reasons. If you request it (in point 2) you will also be able to obtain a renewal token (called refresh_token) at the same time as the access token (in point 7). With this token you will be able, without obtaining the user's consent, to obtain a new access token that will allow you to continue operating on behalf of the customer. I don't have to tell you that this token must be stored with the utmost care!
\n\nCALLBACK_URL will be the URL to which the user will be directed, after giving us the ok. It will be agreed by us and cannot be modified by you independently. For this demo you can use https://www.getpostman.com/oauth2/callback
SCOPES are the permissions you want to ask the user. You can concatenate more than one, separating them by a + character and you can choose between:
at this point, from resource code that responds to CALLBACK_URI, you can start a call to the MarketRock token endpoint, i.e. https://auth.edock.it/identity/connect/token. Such a call must contain, passed as the body of the message in mode x-www-form-urlencoded:
If everything works as it should, you will receive an access_token in return, with the expiry date expressed in seconds.
\n\nThis whole discussion may seem very complicated and convoluted. I would like to underline that you will certainly find, whatever the language you use, numerous libraries that will allow you, once you have specified the parameters (client_id, client_secret, callback_uri, etc. etc.), to obtain the various tokens you will need. I preferred to illustrate everything to show you what happens behind the scenes!
\n\nIf, among the scopes, you asked for \"offline_access\", when you have completed the authentication round, in addition to the access_token, you will also receive a refresh_token. This refresh_token allows you to generate a new access_token, with the same scope as the previous one, without having to ask the user for authorization again.
\n\nWhen the access_token is about to expire, make a POST call to the MarketRock token endpoint (https://auth.edock.it/identity/connect/token), with the following parameters passed in x-www-form -urlencoded:
\n\nYou will receive another access_token, with which to continue accessing the client's MarketRock account.
\n\n# Workspaces and permissions\n\nEach MarketRock user may or may not own a MarketRock workspace. Furthermore, each user can have access, with different privileges, to different MarketRock workspaces.\n\nExamples:\n\n- User A owns a MarketRock workspace (to which he obviously has access), but does not have access to other workspaces\n \n- User B does not own a MarketRock workspace, but can access two different MarketRock workspaces\n \n- User C owns a MarketRock workspace and has access to two other workspaces.\n \n\nTo access other Workspaces you must be invited by the Workspace owner.\n\n## Permissions\n\nEach user, on any workspace he or she owns, has access to all functionality (i.e. he or she can make any kind of API call).\n\nOn the workspaces of which he is not the owner, however, he has permissions that are assigned by the owner user. Permissions are of different types (for example reading or writing products, reading or writing orders, reading or writing shipments and so on).\n\nIf a call is made that requires privileges that the user does not have, HTTP code 401 (Unauthorized) will be returned.\n\n## Default workspace\n\nEach API call is made on the user's default workspace.\n\nThe default workspace is the workspace that you own. This means that an API call:\n\n- for users A and C, it will be carried out on his property space\n \n- for user B, it will fail with an HTTP 401 (Unauthorized) code\n \n\n## Change workspace\n\nIt is possible to make the API call act on a workspace other than the default one, by valorising an X-eDock-Impersonate HTTP header, whose value is the workspace ID.\n\nTo understand which workspaces a user can access and their IDs, you can call Users > Workspaces.\n\nThis means that:\n\n- user A will not be able to enhance the X-eDock-Impersonate installation (except by using the ID of his workspace, a useless operation)\n \n- user B will be able to enhance the X-eDock-Impersonate header using, at his choice, the ID of the workspace 1 or 2 to which he has access\n \n- user C will be able to act on workspaces of which he is not the owner by enhancing the X-eDock-Impersonate header.","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":true,"owner":"235984","team":8525100,"collectionId":"6b7d91fb-796c-dc91-8db5-9e74f4d456af","publishedId":"719ZDC8","public":true,"publicUrl":"https://documenter-api.postman.tech/view/235984/719ZDC8","privateUrl":"https://go.postman.co/documentation/235984-6b7d91fb-796c-dc91-8db5-9e74f4d456af","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":""},{"name":"title","value":"MarketRock API - Your one stop API shop for your marketplaces"}],"appearance":{"default":"light","themes":[{"name":"dark","logo":null,"colors":{"top-bar":"212121","right-sidebar":"303030","highlight":"FF6C37"}},{"name":"light","logo":null,"colors":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"}}]}},"version":"8.10.1","publishDate":"2024-05-23T15:05:32.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"MarketRock API - Your one stop API shop for your marketplaces","description":""},"logos":{"logoLight":null,"logoDark":null}},"statusCode":200},"environments":[],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/622f78b9a4fb91b6d4f2241877dcae26ed0e9d6a18341e7b21ea4bdb380f38d8","favicon":""},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"}],"canonicalUrl":"https://documenter.gw.postman.com/view/metadata/719ZDC8"}