A PHP SDK for the Etsy API v3.

This package is still in development.

PHP 7.1 or greater.

Install the package using composer.

composer require rhysnhall/etsy-php-sdk

Include the OAuth client and Etsy class.

use Etsy\Etsy;
use Etsy\OAuth\Client;

The Etsy API uses OAuth 2.0 authentication. You can read more about authenticating with Etsy on their documentation.

The first step in OAuth2 is to request an OAuth token. You will need an existing App API key which you can obtained by registering an app here.

$client = new Etsy\OAuth\Client($api_key);

Generate a URL to redirect the user to authorize access to your app.

$url = $client->getAuthorizationUrl(
  $redirect_uri,
  $scopes,
  $code_challenge,
  $nonce
);

You must set an authorized callback URL. Check out the Etsy documentation for further information.

Depending on your apps requirements, you will need to specify the permission scopes you want to authorize access for.

$scopes = ["listings_d", "listings_r", "listings_w", "profile_r"];

You can get all scopes, but it is generally recommended to only get what you need.

$scopes = \Etsy\Utils\PermissionScopes::ALL_SCOPES;

You'll need to generate a PKCE code challenge and save this along with the verifier used to generate the challenge. You are welcome to generate your own, or let the SDK do this for you.

[$verifier, $code_challenge] = $client->generateChallengeCode();

The nonce is a single use token used for CSRF protection. You can use any token you like but it is recommended to let the SDK generate one for you each time you authorize a user. Save this for verifying the response later on.

$nonce = $client->createNonce();

The URL will redirect your user to the Etsy authorization page. If the user grants access, Etsy will send back a request with an authorization code and the nonce (state).

https://www.example.com/some/location?
      code=bftcubu-wownsvftz5kowdmxnqtsuoikwqkha7_4na3igu1uy-ztu1bsken68xnw4spzum8larqbry6zsxnea4or9etuicpra5zi
      &state=superstate

It is up to you to validate the nonce. If they do not match you should discard the response.

For more information on Etsy's response, check out the documentation here.

The final step is to get the access token for the user. To do this you will need to make a request using the code that was just returned by Etsy. You will also need to pass in the same callback URL as the first request and the verifier used to generate the PKCE code challenge.

[$access_token, $refresh_token] = $client->requestAccessToken(
  $redirect_uri,
  $code,
  $verifier
);

You'll be provided with both an access token and a refresh token. The access token has a valid duration of 3600 seconds (1 hour). Save both of these for late ruse.

You can refresh your authorization token using the refresh token that was previously provided. This will provide you with a new valid access token and another refresh token.

[$access_token, $refresh_token] = $client->refreshAccessToken($refresh_token);

The Etsy documentation states that refreshed access tokens have a duration of 86400 seconds (24 hours) but on testing they appear to only remain valid for up 3600 seconds (1 hour).

If you previously used v2 of the Etsy API and still have valid authorization tokens for your users, you may swap these over for valid OAuth2 tokens.

[$access_token, $refresh_token] = $client->exchangeLegacyToken($legacy_token);

This will provide you with a brand new set of OAuth2 access and refresh tokens.

Create a new instance of the Etsy class using your App API key and a user's access token.

$etsy = new Etsy\Etsy($api_key, $access_token);

// Get user.
$user = $etsy->getUser();

// Get shop.
$shop = $user->getShop();

// Update shop.
$shop->update([
  'title' => 'My exciting shop!'
]);

When there is more than one result a collection will be returned.

$reviews = $shop->getReviews();

// Get first review.
$first = $reviews->first();

// Get 100 results using pagination.
foreach($reviews->paginate(100) as $review) {
  ...
}

Full documentation will be available soon. Email [email protected] for any assistance.

Help improve this SDK by contributing.

Before opening a pull request, please first discuss the proposed changes via Github issue or email.

This project is licensed under the MIT License - see the LICENSE file for details