Log in and authorize app scope
-
On the App Log-in URL, a seller logs into the solution provider’s webpage, if not logged in already.
Note: The App Log-in URL and Auth Callback URL might vary depending on applications. All parameters are mandatory unless specified as optional.
The solution provider’s application loads the Walmart callback URL into the seller’s browser, adding the following parameters:
| Parameter | Description |
|---|---|
| responseType | Indicates the OAuth grant type to be used. For authorization code grant type, reponseType=code |
| clientId | Pre-registered identifier that uniquely identifies a solution provider app |
| redirectUri | Auth Callback URL of the solution provider app |
| clientType | Type of client by marketplace locations. (1) For the US marketplace: clientType=seller; (2) Other marketplace locations: clientType=seller-{market} where {market} field can be ca or mx. ca: Canada; mx: Mexico |
| nonce | Random or pseudo random number used only once to prevent replay attacks. For example, L8VYPBYOO5. |
| state | Opaque value passed by the solution provider app to maintain a state between the request and the callback. Solution provider app should check for equality of state returned in the response and state that they send in the request |
For example:
Please note that ‘nonce’ is a randomly generated alphanumeric string, for example, ’22e0688e’, ’91d86d9′, or ‘1opjmhumpr’. This parameter is utilized solely in the process of authorization redirect, providing an extra layer of security. It’s important to note that the ‘nonce’ is not necessary for other API calls such as those involving access tokens or refresh tokens.
- Walmart displays an authorization request page to notify a seller on requested scopes.
-
If a seller is not signed into the Walmart Seller Center, or their login expires, they will be prompted to sign in before the authorization request page.
-
The seller authorizes the app by selecting Authorize.
Updated about 1 month ago