Versions Compared

Old Version 39

changes.mady.by.user PepikM

Saved on

compared with

New Version 40

changes.mady.by.user PepikM

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

 

There are two separate methods available to Vendors.

...

  1. Vendor’s app client requires Customer to login to Betfair using Interactive Login method.  
  2. Betfair returns Customer’s Session Token to the Vendor’s app client.
  3. Vendor’s app client calls getVendorClientId citing Customer’s session token from step 1.
  4. Betfair returns Customer’s vendorClientId.
  5. Vendor’s App client sends Customer’s vendorClientId to Vendor’s app server.
  6. Vendor’s app server calls getApplicationSubscriptionHistory citing Vendor’s Session Token, Vendor’s App Key, and the vendorClientID from step 4.
  7. Betfair returns Customer’s complete history for the Vendor’s app (as identified by the app key cited in step 5).  If an empty list is returned then the customer has no current or previous subscription history (i.e. Customer is entirely new).

Vendor Web API

Registration

To register your web application to the Software Vendor Program, the first thing you will need is a Betfair account. Once you have one, you can visit the following page to provide details about your application:

https://developer.betfair.com/get-started/#exchange-api_step3_commercial_commercial-block-2

It's important that you choose "Web App" in the "Type of App" field:

Image Removed

You will also need to specify a redirect URL - this will tell us where to redirect the user once they have logged into Betfair. More details are provided in the "OAuth 2" section.

...

...

 

...

OAuth 2 Flow - Creating an Access Token

...

  • access_token: the access token, used to call Betfair on the user's behalf 
  • token_type: meta data for the access token (see 'Making calls on the user's behalf') 
  • expires_in: how long the access token will be valid for (in seconds)
  • refresh_token: a token that can be used to create a new access token (see 'Using the refresh token')
  • application_subscription: contains the vendor client ID, a unique identifier for a user. Can also contain some subscription related information (See 'Legacy Subscriptions')

IMPORTANT

 

To protect sensitive information such as your app key and secret, it is important that the token operation only be called from server to server.

...

 

{"access_token":"KeOi+kyg2RvDK4HM+W46CvSnP5w=","refresh_token":"50d76117-7f85-375v-a38f-ffb332713f93","application_subscription":{"vendor_client_id":"456238"},"token_type":"BEARER","expires_in":"14400"}

 

 
You can user the 'expires_in' value to determine when the access token will stop being valid. Alternatively, if calls made with the access token start returning an INVALID_SESSION error, it is likely that the token has expired.

...