OAuth2

The OAuth2 mode requires that your administrative contact, i.e. the legal or technical manager of the Marketplace you want to integrate, has opened a technical account for you from their own Merchant Back Office account.

After that:

Sign in to the Merchant Back Office with your own login details.
At the top right of the screen, open the drop-down menu under your name, and click Settings.
Click on the API Key tab to retrieve your keys for the test and production environments.

To generate an access token, you must make a POST request to the following address: https://account.lyra.com/auth/realms/marketplace/protocol/openid-connect/token

(same address for both environments) with the following parameters in the application/x-www-form-urlencoded format:

grant_type: client_credentials
client_id: CLIENT_ID (consisting of the first letters of the first and last name, followed by a "_" and the uuid of the Marketplace).
client_secret: CLIENT_SECRET (corresponding to the “API Key”, a 32-character string in uuid format)

The access token is returned in the access_token field.

The access token has a limited lifetime. You must set up a method for retrieving a new token at no more than every 300 seconds (5 minutes).

A request submitted with an expired authentication token will be rejected with an HTTP 307 code.

The refresh_token is not used for the Marketplace.

Example of obtaining the authentication token in PHP

<?php
require 'vendor/autoload.php';
use GuzzleHttp\Client;
$MARKETPLACE_UUID = "57595c55-b096-41d8-9287-b98640de3f25";
$USERNAME = 'mdupont';
$CLIENT_ID = $USERNAME."_".$MARKETPLACE_UUID;
$CLIENT_SECRET = "aaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee";
$AUTH_URL = "https://account.lyra.com/auth/realms/marketplace/protocol/openid-connect/";
$API_URL = "https://secure.lyra.com/marketplace-test/v1/";
session_start();
function getAccessToken() {
    global $AUTH_URL, $CLIENT_ID, $CLIENT_SECRET;
    $expire_next = $_SESSION['expires_next'];
    if (!$_SESSION['token'] || !$expire_next || time() >= $expire_next - 2) {
        $client = new Client(["base_uri" => $AUTH_URL]);
        $response = $client->request('POST', 'token',
            ['form_params' => [
                'grant_type' => 'client_credentials',
                'client_id' => $CLIENT_ID,
                'client_secret' => $CLIENT_SECRET
            ]]
       );
        $body = $response->getBody();
        $data = json_decode($body->getContents());
        $_SESSION['token'] = $data->access_token;
        $_SESSION['expires_next']= time() + $data->expires_in;
    }
    return $_SESSION['token'];
}
function getMarketplaceDetails() {
    global $API_URL, $MARKETPLACE_UUID;
    $token = getAccessToken();
    $client = new Client(["base_uri" => $API_URL]);
    $response = $client->request('GET', "marketplaces/$MARKETPLACE_UUID",
        ['headers' => ['Authorization' => "Bearer $token"]]
   );
    $body = $response->getBody();
    return $body->getContents();
}
echo getMarketplaceDetails();

Categories

Tags

OAuth2