When trying to get some integration happening with my Etsy shop I found that there there was some documentation that existed for PHP and other web technologies but there seemed to be nothing written about Etsy API OAuth and Postman. Hopefully this can make someones life easier in the future.
For Etsy shop owners such as myself, the first thing that’s needed is to obtain an API key and Secret. This can be done by going to https://www.etsy.com/developers, click on ‘Create a new app’ under the ‘Your developer account’ menu and fill out the form to obtain the API key and Secret
You can now use the API key to make unauthenticated calls to the parts of the Etsy API that do not require authentication. If you’re a shop owner and want to interact with the private shop data, you will need to go through the oauth process.
Using Postman, the first step is to make a call to the https://openapi.etsy.com/v2/oauth/request_token endpoint using the API key and Secret.
In Postman create a new request, set the url to https://openapi.etsy.com/v2/oauth/request_token and leave the HTTP method as GET. Create a new query param named ‘scope’ and set the value to: transactions_r. Refer to the etsy oauth documentation for more info on the different scopes. Select the Authorization tab and set the ‘TYPE’ to OAuth 1.0, the ‘Add authorization data to’ to Request Headers, the ‘Signature Method’ to HMAC-SHA1, The ‘Consumer key’ to your Etsy API key and the ‘Consumer Secret’ to your Etsy Secret.
Click ‘SEND’ and you should receive a response like: login_url=https%3A%2F%2Fwww.etsy.com%2Foauth%2Fsignin%3Foauth_consumer_key%XXX%26oauth_token%YYY%26service%3Dv2_prod&oauth_token=YYY&oauth_token_secret=AAA&oauth_callback_confirmed=true&oauth_consumer_key=XXX&oauth_callback=oob
Use a url decoder to decode the value of login url and you will get something like this: https://www.etsy.com/oauth/signin?oauth_consumer_key%XXX&oauth_token%YYY&service=v2_prod&oauth_token=YYY&oauth_token_secret=AAA&oauth_callback_confirmed=true&oauth_consumer_key=XXX&oauth_callback=oob
Write down the value of oauth_token and oauth_token_secret. You’ll need these for the next Postman call
Paste this value into the address bar of your browser and navigate to the web page. You may need to login to Etsy if you aren’t already. You will be presented with a web page notifying you that you are about to allow access to the Etsy API app you created. Click the button to allow and you will be shown an identifier.
The next step is to create the next Postman call. Create a new request in postman and set the following:
HTTP method: GET
url: https://openapi.etsy.com/v2/oauth/access_token
In the Authorization TAB:
TYPE: OAuth 1.0
Add authorization data to: Request Headers
Signature Method: HMAC-SHA1
Consumer key: Etsy API key
Consumer Secret: Etsy Secret
Access Token: value of oauth_token
Token Secret: value of oauth_token_secret
Expand Advanced:
Verifier: the value supplied by Etsy when allowing access.
Click SEND and you should receive the following:
oauth_token=TOKEN&oauth_token_secret=SECRET
You can now use these values to make authenticated calls to etsy to access private data:
