...

1. Vendor’s app client requires Customer to login to Betfair using Interactive Login method.  
2. Betfair returns Customer’s Session Token to the Vendor’s app client.
3. Vendor’s app client calls getVendorClientId citing Customer’s session token from step 1.
4. Betfair returns Customer’s vendorClientId.
5. Vendor’s App client sends Customer’s vendorClientId to Vendor’s app server.
6. Vendor’s app server calls getApplicationSubscriptionHistory citing Vendor’s Session Token, Vendor’s App Key, and the vendorClientID from step 4.
7. Betfair returns Customer’s complete history for the Vendor’s app (as identified by the app key cited in step 5).  If an empty list is returned then the customer has no current or previous subscription history (i.e. Customer is entirely new).

Vendor Web API

The Vendor Web API is available to licensed Software Vendors who are creating web based applications  The operations enable the web application to carry out operations on the users behalf using the OAuth2 protocol.

OAuth 2 Flow - Creating an Access Token

...

• access_token: the access token, used to call Betfair on the user's behalf 
• token_type: meta data for the access token (see 'Making calls on the user's behalf') 
• expires_in: how long the access token will be valid for (in seconds)
• refresh_token: a token that can be used to create a new access token (see 'Using the refresh token')
• application_subscription: contains the vendor client ID, a unique identifier for a user. Can also contain some subscription related information (See 'Legacy Subscriptions')
  
  

...

...