Skip to main content

What should I know about API key to API token migration?

George

1. Why is Grandville Printing sunsetting legacy API keys?

Sunsetting the API keys is a necessary step in the Grandville Printing API development. With the change from API keys to Private Tokens and Public Apps, we are making our API:

  1. Secure—By using OAuth 2.0 instead of HTTP Basic authentication method, we can provide our customers with security dependability of close to 100%. If any of the tokens are compromised, they can be deleted immediately, and API credentials will be safeguarded. 
  2. Versatile—Giving our customers more options for permission and access customization over generated tokens.
  3. Future-proof—We’re ready to grow with new features for API customers.

2. To whom does this change apply?

All current API customers will need to switch to new API tokens to continue using Grandville Printing API. 

3. When will the changes take effect?

  • On September 30, 2022, the creation of legacy API keys will be disabled in the Grandville Printing Dashboard.
  • On March 30, 2023, the Grandville Printing API will no longer be accessible using legacy API keys. To avoid losing access to the Grandville Printing API, customers will be required to migrate to the new API tokens. The new tokens are more secure and offer greater customization. 

4. How can I migrate to the new API tokens?

1. Generate a new API token.

New API tokens can be created in the Grandville Printing Developers portal using:

  • A Private Token (for features developed for a specific store)
  • A Public App (for developing an application that can be used by other Grandville Printing customers)

image2.png

2. Change the request authentication method.

The new API tokens require OAuth 2.0 authentication. 

All requests will require a change in the authentication method from: 

HTTP basic authentication with an Authorization header with a Base64 encoded API key

otra_bilde.png

To:

OAuth 2.0 authentication with access_token and token_type included in the Authorization header

tresa_bilde.png

Read more about the authentication method in the API Documentation.

5. What are the benefits of migration?

The new API token is much safer as it uses OAuth 2.0. It also allows more control over: 

  1. Identification—custom name and contact email for each token
  2. Expiration date
  3. Scopes that are available for a specific token

ceturta_bilde.png

6. What should I do if I don’t have development resources?

There are other options for performing the migration if you don’t have development resources. For example, you can hire freelance developers on Fiverr.

 

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk