OAuth Configuration

Define Your Authorization Process

You will need to start by declaring that your App uses OAuth to obtain credentials. This is done by setting the AuthProcess.Identifier.AuthenticationType = AuthenticationType.OAuth within your AuthProcess:

import {
} from "@shipengine/connect-order-source-api";

export const AuthProcess: AuthSpecification = {
  Identifier: {

    AuthenticationType: AuthenticationType.OAuth,

    IsSandbox: false,

export const Metadata: OrderSourceAppMetadata = {
  Id: "bcce593b-dce3-4491-8722-a56e653c173f",
  Name: "Example",
  OrderSources: [Example],
Pro Tip

It is helpful to give consumers of your application some details about the authorization process they are going to initiate in the AccountConnection.ConnectionFormSchema.

export const ConnectionFormSchema: ReactForm = {
  JsonSchema: {
    title: "Example Merchant Center",
      `Follow these steps to get connected:<br>
       <div class="instructions">
           To connect your Example Merchant Center to ShipStation, simply
           provide the Merchant ID (E.g. "123456789") you intend to use below.
    type: "object",
    required: ["merchantId"],
    properties: {
      merchantId: {
        type: "string",
        title: "Merchant ID",
      helpText: {
        type: "null",
        title: " ",
        description: `<div class="instructions"><ol><li value="2">
          Click <b>Connect</b> to launch Example\'s consent screen, sign in
          with your associated Example account, then authorize ShipStation to
          retrieve your order information.
       <i>In Example\'s <a href="https://merchants.Example.com/" target="_blank">Merchant Center</a>,
       find your merchant ID, which is the number at the top-right corner of
       the page, above the account email address.</i>`,
  UiSchema: {
    "ui:order": ["merchantId", "helpText"],

The next step is to configure the your AuthProcess to describe each step in the authorization process. OAuth is a relatively loose standard, and there are a lot of variations. Follow the instructions for the standard that your application most closely adheres to:


The next step will be to publish your application using the connect publish command.

Request An Installation


Your application must be published before you can establish an "Installation".

Once published, contact a member of the ShipEngine Connect Team to create the Installation. You will need to provide them with any application-level credentials. For OAuth applications, this is usually a Client ID and Client Secret. When the Installation is created, a callback url will be generated. This is the URL that will be specified as the redirect_uri during the OAuth flow.



You may need to go back to the third party's website to add the installation callback url to an allow-list.

You are ready to begin testing your OAuth workflow. Login with the credentials provided to you during the connect publish step, and go to the settings page to add a new connection to your integration.


Integration Auth Version Details
eBay OAuth 2 custom installation properties, base64 encoding installation properties
Google OAuth 2 uses result_token_response
Trade Me OAuth 1 uses auth1 redirector, uses response transformation