Skip to main content

Authorization

Follow this guide to create a new eBay Finances credential that will allow Nexla to authenticate to and exchange data with your eBay seller account via the eBay Finances API.
ebay_finances_api_auth.png

eBay Finances

Prerequisites

The eBay Finances API uses eBay's OAuth 2.0 authorization-code (3-legged) flow, which means sellers must explicitly grant your registered eBay application permission to access their financial data. Before creating a credential in Nexla, complete the steps below to register an application in the eBay Developer Program and obtain the required OAuth credentials.

Register an Application in the eBay Developer Program

  1. Sign in to the eBay Developer Program at developer.ebay.com using your eBay account credentials. If you do not already have a Developer Program account, click Join the eBay Developers Program to register for free.

  2. After signing in, navigate to My Account in the top navigation bar and select Application Keys from the dropdown menu.

  3. On the Application Keys page, click the Create a keyset button to begin creating a new application keyset.

  4. Enter a descriptive title for your application in the Application Title field (for example, Nexla Financial Data Integration).

  5. Select Production as the environment for connecting to live seller data. Select Sandbox only when testing with non-live credentials.

  6. Click Continue to create the keyset. eBay will generate the following credentials for your application:

    • App ID (Client ID) — The public identifier for your application. This value is used as the OAuth client ID in Nexla.

    • Cert ID (Client Secret) — A confidential value used to authenticate token requests. Treat this like a password and never share it publicly or include it in source code repositories.

    • Dev ID — A developer-level identifier tied to your Developer Program account. This value is not required for the Nexla credential.

  7. Copy and store the App ID and Cert ID values securely, as you will need them when configuring the credential in Nexla.

Configure a RuName (Redirect URL)

The 3-legged OAuth flow requires an eBay RuName (Redirect URL Name), which is an eBay-assigned identifier for the redirect URI that eBay uses to return the authorization code after a seller approves the request.

  1. From the Application Keys page, click User Tokens (or navigate to Get a Token from eBay via Your Application) for your Production keyset.

  2. In the eBay Redirect URL section, click Add eBay Redirect URL.

  3. Enter a display title and the redirect URI provided by your Nexla OAuth integration. Nexla handles the OAuth callback automatically; refer to your Nexla account settings or Nexla support for the correct redirect URI value.

  4. Copy the generated RuName value and store it for reference. eBay uses this value to validate that redirect requests originate from your registered application.

Confirm the sell.finances OAuth Scope

The eBay Finances API requires the https://api.ebay.com/oauth/api_scope/sell.finances OAuth scope. This scope grants read access to the seller's payout, transaction, transfer, and funds-summary data within eBay's managed payments platform.

  1. On the Application Keys page, click OAuth Scopes next to your Production keyset to view the scopes assigned to your application.

  2. Verify that https://api.ebay.com/oauth/api_scope/sell.finances is listed. If it is not present, update the keyset configuration to include this scope before proceeding.

Only sellers enrolled in eBay managed payments can use the Finances API. A seller who has not yet been enrolled in managed payments will not be able to complete the OAuth authorization step. For additional details, see the eBay Finances API Overview in the eBay Developers Program documentation.

Create an eBay Finances Credential

  • To create a new eBay Finances credential, after selecting the data source type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

  1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

    Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

eBay OAuth 2.0 (3-Legged) Settings

The eBay Finances API uses a 3-legged OAuth 2.0 authorization-code flow. In this flow, an eBay seller explicitly grants your registered application permission to access their financial data. Nexla acts on behalf of the seller using the resulting access and refresh tokens once authorization is complete.

  1. Confirm or enter the eBay authorization endpoint in the Authorization URL field. For the production environment, this value is pre-filled as:

    https://auth.ebay.com/oauth2/authorize

    This is the eBay endpoint where the seller will be redirected to sign in and grant permission to your application. Use the sandbox authorization URL (https://auth.sandbox.ebay.com/oauth2/authorize) only when testing with sandbox credentials.

  2. Enter your eBay App ID in the Client ID (App ID) field. This is the public identifier generated when you created the application keyset in the eBay Developer Program.

  3. Confirm the OAuth scope in the Access Scope field. The required scope for the eBay Finances API is pre-filled as:

    https://api.ebay.com/oauth/api_scope/sell.finances

    If your application requires additional eBay OAuth scopes, add them as a space-separated list in this field.

  4. Confirm or enter the eBay token endpoint in the Token URL field. For the production environment, this value is pre-filled as:

    https://api.ebay.com/identity/v1/oauth2/token

    This is the endpoint where Nexla exchanges the authorization code for an access token and refresh token after the seller completes the authorization step. Nexla automatically refreshes tokens before they expire, so no manual token management is required. Use the sandbox token URL (https://api.sandbox.ebay.com/identity/v1/oauth2/token) only when using sandbox credentials.

  5. Enter your eBay Cert ID in the Client Secret (Cert ID) field. This is the confidential credential generated alongside your App ID in the eBay Developer Program. The Cert ID authenticates your application during the token exchange request.

    Important

    The Cert ID (Client Secret) is used to access sensitive seller financial data. Never share this value publicly, include it in source code repositories, or expose it in client-side code. Store it securely in a secrets manager or credential vault.

  6. After entering all credential details, Nexla will initiate the OAuth authorization flow. The seller whose financial data will be accessed must sign in to their eBay account on the eBay authorization page and click Agree to grant the sell.finances scope to your application. Upon successful authorization, Nexla will automatically exchange the authorization code for access and refresh tokens.

Save the Credential

  1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

  2. The newly added credential will now appear in a tile on the Authenticate screen during data source creation and can be selected for use with a new eBay Finances data source.