Authentication & Authorization¶

All requests to BrickLink REST API requires you to authenticate using OAuth 1.0 like - but simpler flow. You can authorize your requests by following the steps below:

Register as an API consumer¶

BrickLink API will assign an OAuth consumer key and consumer secret.

Register IP addresses of your endpoint client¶

• Access tokens and token secrets will be issued for each of your IP addresses.
• You can access the BrickLink resources with the token only from the registered location.
• Since the access token has no expiration date, token secret should be stored securely. (If it is exposed, you should reissue it)
• API Sandbox does not require IP address for convenience.

Make the request with OAuth protocol parameters¶

• The parameters are sent in either the HTTP Authorization header or query part of the URL with JSON format.
• All parameter names and values are escaped using the RFC3986 percent-encoding (%xx) mechanism.

Prameter Details¶

Example¶

The request for the orders you received is:

https://blapitest.ubifun.com/api/store/v1/orders?direction=in

Authorization: OAuth realm="",
oauth_consumer_key="7CCDCEF257CF43D89A74A7E39BEAA1E1",
oauth_token="AC40C8C32A1748E0AE1EFA13CCCFAC3A",
oauth_signature_method="HMAC-SHA1",
oauth_signature="0IeNpR5N0kTEBURcuUMGTDPKU1c%3D",
oauth_timestamp="1191242096",
oauth_nonce="kllo9940pd9333jh",
oauth_version="1.0" 

And if using query parameters:

https://blapitest.ubifun.com/api/store/v1/orders?direction=in&Authorization={"oauth_signature"%3A"0IeNpR5N0kTEBURcuUMGTDPKU1c%3D"%2C"oauth_nonce"%3A"kllo9940pd9333jh"%2C"oauth_version"%3A"1.0"%2C"oauth_consumer_key"%3A"7CCDCEF257CF43D89A74A7E39BEAA1E1"%2C"oauth_signature_method"%3A"HMAC-SHA1"%2C"oauth_token"%3A"AC40C8C32A1748E0AE1EFA13CCCFAC3A"%2C"oauth_timestamp"%3A"1191242096"}