Moving API access from administrator to API roles
If your shopping cart, and/or custom integration to Shipwire is currently using your Administrative user (i.e. your main Shipwire login) to access Shipwire, please read this article.
Why API Users are better
With Shipwire’s support for multi-user accounts, you can control the access that your 3rd party shopping carts, e-commerce platforms, or custom applications have to your Shipwire account. You can do this easily by creating a user with an API role type. The API role is only given access to your Shipwire account through the application programming interface – which provides the necessary connection points for applications to interact with Shipwire (e.g. obtaining shipping rates, submitting orders, realtime inventory, tracking information, etc.). An API user role cannot login to your Shipwire user interface. This provides your account with an added level of security, and with more flexibility to make account changes with limited impact (e.g. changing your Administrative account password without breaking existing cart connections, or restricting access to a specific cart that you are no longer using without having to change your own account username and password).
You can create as many API users as you like. Each of these will have a username of your choice, and be assigned a unique Shipwire token (i.e. password). [Note: Some applications call an auto-generated password token a “key”]. This combination of username and token will be what your shopping cart, and/or your custom application, need to connect to your Shipwire account.
Moving from Administrative Access to API User Access
To ensure a seamless transition from your Administrative account API access to this new user type, follow these steps in order:
Step 1. Is you cart, or application, currently using the Shipwire API? Although the majority of Shipwire’s pre-built e-commerce integrations do, a few do not (e.g. Amazon). If you have any doubts, please check with Shipwire customer care to be sure. If the answer is yes, go to Step 2. Otherwise, jump to Step 4.
Step 2. Create the API user(s) you want to use. Shipwire recommends tracking each distinct integration with its own API user/token, as that will give you ability to enable/disable them individually in the future. Once you have created the API user(s), you will receive an email with your system generated token (also called a “key” or password) to use. Do not make any changes to your Administrative username and password yet
Step 3. In your shopping cart setup, or your own application, change how Shipwire is being accessed by entering the API username and token (where you previously had your Administrative username and password). If your cart/application allows for it, we recommend making changes in a non-production environment first, to ensure that all works as expected before doing the same in your production setup. If this is not possible, Shipwire recommends making this change during non-peak hours, and feel free to coordinate the change with Shipwire Customer Care. After you enter your new API User/Token, you should be able to see all of your existing functionality working after making the necessary changes on the cart/application side (e.g. rating, or submitting a test order).
If you have any concerns about your specific cart/application, and how to go about transitioning to an API user role, we strongly recommend that you contact Shipwire Customer Care before doing any of this.
Step 4. Once you have confirmed that your integrations are working correctly with your new API Users, you can now go about changing your Administrative user password as needed. If you do make this change, you should again run through a complete checkout flow on your different cart(s) and make sure that all works as expected. If something no longer works, this is a sign that you missed something in your cart/application setup. You can quickly recover by updating your Shipwire Administrative password back to what it was, before tying to find the missing setup in your cart/application. Once all works as expected, you can change your Shipwire Administrator password back to what it was.
Step 5. You’re done. You can now make any necessary changes on the Administrator side of your Shipwire account without having to worry about it impacting your integrations. And you can easily turn off, or add, new API user connections as desired. Just keep in mind that any new API additions that replace an existing connection would need to be tested as described above.