Third-party applications can request access to your account in order to provide you with helpful tools. We explain how your password is always secure.
In this edition of our Handmade Code series, Etsy Admin Justin explains a change in how third-party applications connect to your Etsy account. We all know that we shouldn't give our Etsy passwords out to anyone. A password is a bit like the key to your car: it gives unlimited access. But some cars also come with a "valet key" that allows someone else to use your car temporarily. The valet key usually has some restrictions — it might only open the driver's side door, or it might even limit the speed of the car. The valet key lets you turn your car over to the parking attendant, while still keeping overall control of the situation. Bear with me while I explain why the metaphor is relevant. Until recently, independent software developers who wanted to make neat and helpful applications for Etsy sellers and shoppers could only "read" from the site. That means they could display the information already on Etsy in a million different ways, but they couldn't give tools to their users to create new information on Etsy. In the terminology of developers, they couldn't "write" to the site. So, tasks like uploading new listings, adding and removing Favorites, and many other common functions could only be done directly on Etsy.com. This is about to change. Recently, we've made a feature called OAuth available to our developer community. OAuth is an open web standard, used by many sites including Google. Think of OAuth as the valet key to your Etsy account. Here's how it works:
- You visit an application and it asks permission to access your Etsy account. (By now you've pulled into the parking lot of a fancy restaurant.)
- The application directs you to a special approval page on Etsy. You'll be asked to sign in to Etsy if you haven't signed in recently. The application won't be able to access your account and allow you to take actions unless you click the blue "Allow Access" button on the approval page. (This is like the parking attendant asking for your key.)
- After you approve the access, you're either taken back to the application, or you're asked to return to the application and enter a special "verifier" code. The application is now linked to your Etsy account. (You have turned your valet key over to the parking attendant.)
- The application will stay linked to your account, and you won't need to approve it again the next time you use it. At any time, you can visit Your Etsy and revoke the access you've granted to any application. (This is like getting your key back at the end of the night.)
- You will need to repeat this process again for each application you wish to use with your account. You can see a list of all the applications you've authorized in Your Etsy.
- Add and remove Favorites
- Read your Favorites, if you've made them private
- Read your sales and purchase history
- Create and edit listings
- Manage shipping profiles
- Manage your payment options
- Create and edit shop sections
- Read your billing and payment history
- 200markets: Displays recent listings from your favorite shops
- Metricly: A dashboard that aggregates all your sales statistics
- Craftopolis: Displays a calendar with your sales totals, favorites activity, and views