To help Wish Private App API integrators better understand the Wish API documentation, what actions can be done via API compared to on Merchant Dashboard, and what features are critical to support when building integration to Wish, we've created the following guide to walk API users through how to get started on creating a private app via API. Please follow each step:
1. Sign up for private app on Wish sandbox environment:
b). Click on Account > API Settings. Create an App Name (use your Company Name). Once you pick an App Name, you may update it at a later time as needed. Redirect URL is needed for OAuth (it’s where the authorization code is sent to, you can alter it at any time).
c). Merchant will be provided with a client ID and client secret, which will be used by the Merchant to do merchant account testing on Wish sandbox (Wish API OAuth process on sandbox requires client ID and client secret).
d) Merchant should conduct all integration tests in sandbox. Only move onto production setup once testing in sandbox is complete.
2. Sign up for private app on Wish production environment
a). If merchant has not done so already, register on Wish.
b). Navigate to the Account > API Settings page on the Merchant Dashboard. Once you pick an App Name, you may update it at a later time as needed. A redirect URL is needed for OAuth (it’s where authorization is sent to, you can alter it at any time).
c). Merchant will be provided with a client ID and client secret, which will be used by the Merchant to do merchant account testing on Wish sandbox (Wish API OAuth process on production requires client ID and client secret).
d). Each merchant is allowed only 1 private app. Merchants are responsible for the data security of their private app (including keeping private their client ID, client secret, access token, and authorization codes). Merchants that do not practice adequate data security risk losing access to the Wish API. If at any point merchant would like to delete the private app, merchant can do so from the Wish Merchant Dashboard on the Account > API Settings page and click on the red “Delete” button.
We encourage that merchants promptly delete inactive private apps that they have previously set up but are no longer using for the security of their Merchant Dashboard data, so that their data is not unnecessarily exposed to a third party.
Upon setting up a private app, if you have shared your oAuth configuration details (such as client secret, client ID, etc.) with unapproved third party entities (third-party apps) or allow them to access your data on the Merchant Dashboard, you are putting the security of your data at risk. We strongly encourage that you delete your private app immediately and switch to using a trusted, Wish-approved public app featured in the Wish App Store.
Note: For links to documentation, tips, tutorials, and more check out the Wish Developers Page.