Establishing a Connection
Connecting to Magento 2.x
To connect, set Schema to "magento2" and set the URL; for example, http://yoursitename/magento2. To authenticate to Magento 2.x server versions, provide the User, Password and the StoreCode of the store you are connecting to.
Connecting to Magento 1.x
To connect, set Schema to "magento1" and set the URL; for example, http://yoursitename/magento1. To authenticate to Magento 1.x server versions, set Schema to "magento1" and provide the values necessary for authentication using the OAuth 1.0 standard. OAuth requires the authenticating user to interact with Magento using the browser. The provider facilitates this in various ways as described below.
Register an Application
Complete the following steps to obtain the OAuth client credentials, the consumer key, and consumer secret:
- Log in to your admin account.
- Select System > Web Services > REST-OAuth Consumers and click Add New.
- Enter a name and callback URL.
Set the callback URL to http://127.0.0.1:33333, or another port of your choice if you are making a desktop application.
If you are making a web application, set the callback URL to the URL where you would like the user to be redirected after authorizing your application.
Assign Roles for API Access
Users' access to certain resources can be set by configuring REST roles and assigning users to the specific REST roles. Complete the following steps to assign a role to a user, such as the admin role. The Customer and Guest REST roles are created by default.
- Select System > Web Services > REST-Roles and click Add Admin Role.
- Select Permissions > Users and select the user you want to assign the REST Admin role to.
Additionally, to use Magento as a customer, make sure you have created a customer account in the Magento home page (Account > Register).
Connecting as an Administrator
The CustomAdminPath property is required if you are accessing Magento as an administrator. The CustomAdminPath property is used to generate admin tokens. This can be left blank if you are accessing Magento as a customer.
You can find the needed value in Magento by selecting System > Configuration > Advanced > Admin > Admin Base URL and checking the value of the Use Custom Admin Path field:
- If the selected value is YES, set the connection property to the value of the Custom Admin Path field.
- If the selected value is NO, set the connection property to "admin", the default path.
Authenticate to Magento from a Desktop Application
After setting the following connection properties, you are ready to connect:
- OAuthClientId: Set to the consumer key in your app settings.
- OAuthClientSecret: Set to the consumer secret in your app settings.
- CallbackURL: Set to the callback URL that you specified.
- InitiateOAuth: Set to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.
- CustomAdminPath: If you are connecting as an administrator, set this to the path configured in System > Configuration > Advanced > Admin > Admin Base URL.
- URL: Set to the base URL of your Magento system. For example, https://magentohost/.
- Schema: Set to "magento1".
When you connect, the provider opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The provider then completes the following OAuth process:
- Extracts the access token from the callback URL and authenticates requests.
- Obtains a new access token when the old one expires.
- Saves OAuth values in OAuthSettingsLocation to be persisted across connections.
Authenticate to Magento from a Web Application
When connecting via a web application, or if the provider is not authorized to open a browser window, you can call stored procedures to authenticate. Set the following connection properties to perform the web OAuth flow:
- OAuthClientId: Set to the consumer key that you received.
- OAuthClientSecret: Set to the consumer secret that you received.
- CustomAdminPath: If you are connecting as an administrator, set to the path configured for your Magento system. You can obtain this value by selecting System > Configuration > Advanced > Admin > Admin Base URL.
- URL: The base URL of your Magento system. For example, https://magentohost/.
- Schema: Set to "magento1".
Complete the following procedure to use stored procedures to authenticate and retrieve the OAuthAccessToken in the web OAuth flow:
- Call GetOAuthAuthorizationURL. The stored procedure returns the URL to the OAuth endpoint, along with the request token and secret.
- Go to that URL and log in to authorize the application. Afterwards, you are redirected back to the callback URL. When you are redirected, the callback URL contains the oauth_verifier and oauth_token query string parameters.
- Set the following parameters and call GetOAuthAccessToken:
Name Value AuthMode WEB Verifier Set this to the oauth_verifier verifier code. AuthToken Set this to the request token. AuthKey Set this to the request token secret.
To make requests to Magento, set the following connection properties:
Customizing the SSL Configuration
By default, the provider attempts to negotiate SSL/TLS by checking the server's certificate against the system's trusted certificate store. To specify another certificate, see the SSLServerCert property for the available formats to do so.
Connecting Through a Firewall or Proxy
To connect through the Windows system proxy, you do not need to set any additional connection properties. To connect to other proxies, set ProxyAutoDetect to false.
In addition, to authenticate to an HTTP proxy, set ProxyAuthScheme, ProxyUser, and ProxyPassword, in addition to ProxyServer and ProxyPort.
Set the following properties:
- To use a proxy-based firewall, set FirewallType, FirewallServer, and FirewallPort.
- To tunnel the connection, set FirewallType to TUNNEL.
- To authenticate, specify FirewallUser and FirewallPassword.
- To authenticate to a SOCKS proxy, additionally set FirewallType to SOCKS5.
Troubleshooting the Connection
To show provider activity from query execution to network traffic, use Logfile and Verbosity. The examples of common connection errors below show how to use these properties to get more context. Contact the support team for help tracing the source of an error or circumventing a performance issue.
- Authentication errors: Typically, recording a Logfile at Verbosity 4 is necessary to get full details on an authentication error.
- Queries time out: A server that takes too long to respond will exceed the provider's client-side timeout. Often, setting the Timeout property to a higher value will avoid a connection error. Another option is to disable the timeout by setting the property to 0. Setting Verbosity to 2 will show where the time is being spent.
- The certificate presented by the server cannot be validated: This error indicates that the provider cannot validate the server's certificate through the chain of trust. If you are using a self-signed certificate, there is only one certificate in the chain.
To resolve this error, you must verify yourself that the certificate can be trusted and specify to the provider that you trust the certificate. One way you can specify that you trust a certificate is to add the certificate to the trusted system store; another is to set SSLServerCert.