Authenticating with REST oauth APIs

In 2023 most of the shipping carriers released new APIs (UPS-REST, FedEx-REST, USPS-REST) that authenticate with oauth expiring tokens. You can no longer pass static credentials to make API requests. You need to generate a token that is good for ~1-8 hours and use that token for API requests. Unfortunately, this means you need to temporarily store the token.

You can generate this token using the RocketShipIt Authenticate call.

Examples:

Example response:

{
  "data": {
    "access_token": "eyJraWQiOiI2NGM0YjYyM...",
    "errors": null,
    "expires_at": 1717194275247, // unix timestamp in milliseconds
    "expires_in": 14399, // seconds
    "issued_at": 1717179876247, // unix timestamp in milliseconds 
    "scope": "",
    "token_type": "Bearer"
  
  },
  "meta": {
    "code": 200,
    "error_message": ""
  }
}

expires_in is seconds left until expiration. Ex: 14,000 / 60 / 60 = ~4 hours.
issued_at is a Unix epoch timestamp but in milliseconds instead of seconds
access_token this is the key you will use in subsequent requests.

If you need help converting milliseconds to a time object see: https://currentmillis.com/

Example next request:

{
  "carrier": "UPS-REST",
  "action": "Track",
  "params": {
    "key": "eyJraWQiOiI2NGM0YjYyM...",
    "tracking_number": "1Z12345E0205271688",
      "test": true
  }
}

For low volume and quick testing you can have RocketShipIt request a key on each request (not recommended for production):

{
  "carrier": "UPS-REST",
  "action": "Track",
  "params": {
    "client_id": "specify this while omitting key",
    "client_secret": "and RocketShipIt will make the Authenticate call for you and fill out the key param",
    "tracking_number": "1Z12345E0205271688",
      "test": true
  }
}

Enable each service in our Oauth application

Shipping carriers also require you to request each individual service/action within the API. Make sure you enable all of these you intend to use:

FedEx Oauth