How to Connect eBay Shopping Cart to API2Cart

To connect eBay shopping cart to API2Cart, you’ll need a few parameters and a developer account on eBay. This guide will walk you through the steps, so you can successfully integrate your eBay shopping cart and start managing items and orders easily.

Required Parameters for eBay Shopping Cart Integration

To set up the connection, collect the following parameters:

  • ebay_client_id: eBay Client ID
  • ebay_client_secret: eBay Client Secret
  • ebay_refresh_token: eBay Refresh Token
  • ebay_environment: Environment (Sandbox or Production)
  • ebay_site_id: Site ID (optional, default is 0)

connect eBay shopping cart to API2Cart

How to Get Developer Access

Register or log in on the eBay Developer Portal. Your application keys are found here. You’ll need the App ID and Cert ID for production or sandbox usage.

ebay developer keys

Generate the eBay Refresh Token

Go to the User Tokens section. Under "Get a Token from eBay via Your Application," add your eBay Redirect URL.

ebay user tokens

Enable OAuth for this URL and click Save.

enable ebay oauth

Test Login and Retrieve Code

Next, go to OAuth and click Test Sign-In. Login with your seller account. For sandbox, create one here.

ebay sign in

Once logged in, you’ll be redirected to your app with a code in the URL, like this:

code:v^1.1#i^1#r^1#p^3#f^0#I^3#t^Ul41Xzg6MDM5RENGM0E3NEIxNTJDQkU5QTRfMV8xI0VeMTI4NA==

Exchange Code for Refresh Token

To get the refresh token, send a POST request to:

  • https://api.ebay.com/identity/v1/oauth2/token (production)
  • https://api.sandbox.ebay.com/identity/v1/oauth2/token (sandbox)

Include the following parameters:

  • grant_type: authorization_code
  • redirect_uri: Your redirect URL
  • code: The code from the login

get ebay refresh token

Finalize API2Cart Integration

Use the refresh token and other parameters to add your eBay store to API2Cart.

ebay_environment: Use “Sandbox” or “Production” depending on testing needs.

ebay_site_id: Defaults to 0. More details here.

Account Deletion Webhook Setup

Subscribe to the “Marketplace Account Deletion” event in eBay’s production environment. This step is crucial for security and compliance.

ebay deletion alert

Create a Callback

  • Callback URL: Your endpoint URL
  • Method: POST
  • Headers & Body: Set as needed (JSON recommended)

Your endpoint should respond like this:

{ "challengeResponse": "52161ff4651cb71888801b47bae62f44d7f6d0aab17e70d00f64fc84368ca38f" }

Use a tool like Pipedream for testing. More on this here.

ebay webhook response

Once your callback is verified, eBay will send notifications to your specified endpoint.

Refresh Token Expiry & Lifecycle

Refresh token lifetime: ~18 months. eBay refresh tokens remain valid across sessions for up to 18 months unless explicitly revoked.

Possible causes of early invalidation:

  • User changes their eBay password or member login name.
  • User manually revokes the app’s access via “Third‑party app access” settings.
  • eBay proactively revokes tokens due to detected security issues (e.g., suspicious activity).

Action required: If the refresh token expires or is revoked, the user must complete the OAuth consent flow again to obtain a new refresh token.

In this case, the API will return the following error:

{
  "return_code": 100,
  "return_message": "Specified credentials invalid or expired (failed to refresh access token)",
  "result": {}
}

For more information, refer to the official eBay documentation.