The MercadoLibre resources (API) can be divided between Public and Private resources. Public resources, such as Search and several metadata information, can be accessed anonymously, while private resources like List an Item require authentication. Basically, you need an access token.
There are two ways to obtain that access token, and always it lasts for 6 hours.
- Client Side Authentication
- This option is useful for app executing on client-side.
- Server Side Authentication
- This option is better for applications executing on server-side. For instance, for backend applications, this option is better because the access token can be renewed automatically.
In this SDK the second option is considered.
GeneXus Meli SDK provides a Web Panel object in order to allow you obtain and store your access token.
First of all, you need to set the Authorization Redirect Url on your Application Page and set the offline access scope. GeneXus SDK includes a procedure called MeliAfterLogin that can be used for that purpose:
Copy the credentials (Application ID and Secret Key) from the Developer Portal, and then paste those values on the GetClientCredentials Procedure.
After that execute the MeliLogin Web Panel and click in the Get Authorization Code link:
This link redirects you to Mercado Libre's Login in order to authorize your application.
Finally, it backs to your site using the redirect URL previously configured.
After these steps, Genexus SDK will generate a new record in the table User and Session with the access token and refresh token. This information is showed in the web page just in case you want to store in another place.
In order to get the access token to call private apis, call the Procedure GetSessionToken. It will return always a valid token.