{
"openapi": "3.0.0",
"info": {
"title": "Developer Registration API",
"description": "Note: The Client Registration API is not intended for use by developers who have previously registered for a Developer Account on the eBay platform.
The Client Registration API provides Dynamic Client Registration for regulated Third Party Providers (TPPs) who are, or will be, engaged in financial transactions on behalf of individuals domiciled in the EU/UK. This is required by the EU's Second Payment Services Directive (PSD2) which requires all regulated Account Servicing Payment Service Providers (ASPSPs) to provide secure APIs to access account and payment services on behalf of account holders.
A successful registration response returns a HTTP 201 Created status code with a JSON payload [RFC7519] that includes registration information.",
"contact": {
"name": "eBay Inc,"
},
"license": {
"name": "eBay API License Agreement",
"url": "https://go.developer.ebay.com/api-license-agreement"
},
"version": "v1.0.0"
},
"servers": [
{
"url": "https://tppz.ebay.com{basePath}",
"description": "Production",
"variables": {
"basePath": {
"default": "/developer/registration/v1"
}
}
}
],
"paths": {
"/client/register": {
"post": {
"tags": [
"register"
],
"description": "Note: The Client Registration API is not intended for use by developers who have previously registered for a Developer Account on the eBay platform.
This call registers a new third party financial application with eBay.
Important! When calling the registerClient method, Third Party Providers (TPPs) are required to pass their valid eIDAS certificate to eBay via Mutual Transport Layer Security (MTLS) handshake Certificate Request messages.
client_id
was issued. This time is represented as the number of seconds from \"1970-01-01T00:00:00Z\", as measured in UTC, until the date/time of issuance. Refer to RFC 7591 - OAuth 2.0 Dynamic Client Registration Protocol for complete information.",
"format": "int32"
},
"client_name": {
"type": "string",
"description": "User-friendly name for the third party financial application.client_name
will be specified in English."
},
"client_secret": {
"type": "string",
"description": "A unique OAuth 2.0 secret string assigned by eBay to the third party application at the time it is registered. This value should be unique for multiple instances of a client using the same client_id
. This value is used by confidential clients to authenticate to the token endpoint, as described in OAuth 2.0 [RFC6749], Section 2.3.1.client_secret
is unique to the organization identifier of subject name which contains jurisdiction, NCA Id, and Authorization Number."
},
"client_secret_expires_at": {
"type": "integer",
"description": "The UNIX timestamp when the client_secret
expires.client_secret
has been provided, this field is REQUIRED.client_secret
never expires.authorization_code
: The authorization code grant type defined in OAuth 2.0, Section 4.1.client_credentials
: The client credentials grant type defined in OAuth 2.0, Section 4.4.grant_type
parameter passed to the token endpoint defined in the grant type definition. Authorization servers may allow for other values as defined in the grant type extension process described in OAuth 2.0, Section 4.5. If omitted, the default behavior is that the client will use only the authorization_code
Grant Type.",
"items": {
"type": "string"
}
},
"policy_uri": {
"type": "string",
"description": "The URL string pointing to a human-readable privacy policy document that describes how the third party provider collects, uses, retains, and discloses personal data.policy_uri
strings.policy_uri
will be displayed in English."
},
"redirect_uris": {
"type": "array",
"description": "An eBay system-generated value assigned to the application. This value represents the redirect uri(s) submitted by the user either in the request payload (i.e., the redirect_uris
field,) or the software_statement
.",
"items": {
"type": "string"
}
},
"scope": {
"type": "string",
"description": "String containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens. The semantics of values in this list are service specific."
},
"software_id": {
"type": "string",
"description": "A unique identifier string provided by the client developer or software publisher at the time of registration that identifies the client software being registered.client_id
which should change between instances, the software_id
should be the same value for all instances of the client software. That is, the software_id
should remain unchanged across multiple updates or versions of the same piece of software."
},
"software_statement": {
"type": "string",
"description": "The Software Statement Assertion (SSA), a JSON Web Token (JWT), that has been issued by the OpenBanking identifier. Refer to RFC 7591 - OAuth 2.0 Dynamic Client Registration Protocol for complete information."
}
},
"description": "This container stores information about the third party provider's financial application that has been registered with eBay."
},
"ClientSettings": {
"type": "object",
"properties": {
"client_name": {
"type": "string",
"description": "User-friendly name for the third party financial application.client_name
must be specified in English."
},
"contacts": {
"type": "array",
"description": "This container stores an array of email addresses that can be used to contact the registrant.policy_uri
strings.policy_uri
will be displayed in English."
},
"redirect_uris": {
"type": "array",
"description": "An array of redirection URI strings for use in redirect-based flows such as the authorization code and implicit flows.client_id
which should change between instances, the software_id
should be the same value for all instances of the client software. That is, the software_id
should remain unchanged across multiple updates or versions of the same piece of software. The value of this field is not intended to be human readable and is usually opaque to the client and authorization server."
},
"software_statement": {
"type": "string",
"description": "The Software Statement Assertion (SSA) that has been issued by the OpenBanking identifier.