If your shopping cart, and/or custom integration to Shipwire is currently using your Administrative user (i.e. your main Shipwire login) to access Shipwire, please read this article.
Why API Users are better
With Shipwire’s support for multi-user accounts, you can control the access that your 3rd party shopping carts, e-commerce platforms, or custom applications have to your Shipwire account. You can do this easily by creating a user with an API role type. The API role is only given access to your Shipwire account through the application programming interface – which provides the necessary connection points for applications to interact with Shipwire (e.g. obtaining shipping rates, submitting orders, realtime inventory, tracking information, etc.). An API user role cannot login to your Shipwire user interface. This provides your account with an added level of security, and with more flexibility to make account changes with limited impact (e.g. changing your Administrative account password without breaking existing cart connections, or restricting access to a specific cart that you are no longer using without having to change your own account username and password).
You can create as many API users as you like. Each of these will have a username of your choice, and you can generate up to two access keys per user. You can also expire/refresh these access keys within the Shipwire UI for each of these API users if you are logged in as the administrator.
Moving from Administrative Access to API User Access
To ensure a seamless transition from your Administrative account API access to this new user type, follow these steps in order:
Step 1. Is your cart, or application, currently using the Shipwire API? Although the majority of Shipwire’s pre-built e-commerce integrations do, a few do not (e.g. Amazon). If you have any doubts, please check with Shipwire customer care to be sure. If the answer is yes, go to Step 2. Otherwise, jump to Step 4.
Step 2. Create your API user(s) via the “Users and Roles” page in Shipwire. We recommend setting up each distinct integration with its own API user, as that will give you the ability to enable/disable them individually in the future. Once you have created the API user(s), you can log in to Shipwire with your administrator credentials and generate access keys for each API user. Do not make any changes to your administrator username and password yet.
Step 3. In your shopping cart setup or your own application, change how Shipwire is being accessed by entering the new API username and access key (where you previously had your Administrator username and password). If your cart/application allows for it, we recommend making changes in a non-production environment first, to ensure that all works as expected before doing the same in your production setup. If this is not possible, Shipwire recommends making this change during non-peak hours or you may contact our Shipwire Customer Care team to help coordinate the transition. After you enter your new API User/token, you should be able to see all your existing functionality working after making the necessary changes on the cart/application side (e.g., obtaining rating data or submitting a test order).
If you have any concerns about your specific cart/application, and how to go about transitioning to an API user role, we strongly recommend that you contact Shipwire Customer Care before doing any of this.
Step 4. Once you have confirmed that your integrations are working correctly with your new API Users, you can now go about changing your Administrative user password as needed. If you do make this change, you should again run through a complete checkout flow on your different cart(s) and make sure that all works as expected. If something no longer works, this is a sign that you missed something in your cart/application setup. You can quickly recover by updating your Shipwire Administrative password back to what it was, before tying to find the missing setup in your cart/application. Once all works as expected, you can change your Shipwire Administrator password back to what it was.
Step 5. You’re done. You can now make any necessary changes on the Administrator side of your Shipwire account without having to worry about it impacting your integrations. And you can easily turn off, or add, new API user connections as desired. Just keep in mind that any new API additions that replace an existing connection would need to be tested as described above.