Authentication FAQs

Where do I indicate my developer ID when making an API call?

When you make an API call, the system obtains your developer ID from your OAuth token, which is generated from your developer account’s API key and secret. When you use your OAuth token, the system knows which developer you are.

For most API calls, this is all the information needed. However, for some API calls, especially those related to merchant accounts, you must also explicitly pass the developer ID in a path parameter. When that is the case, the documentation for the API call tells you so.

To create an OAuth token, see Generate OAuth Token.

Is the OAuth token reusable?

Yes, it is reusable for 10 hours, after which it expires and you must generate a new one. It is suggested that you use an OAuth token for as long as possible instead of taking the extra time to generate it with each API call.

To create an OAuth token see Generate OAuth Token.

Can I have more than one OAuth token active at a time?

Yes, but it is best practice to have as few active as possible to avoid slowing down processing for all users.

Do my API key and secret work with my developer ID only?

Yes. Pitney Bowes creates the API key and secret specifically for your developer ID. They work only with your developer ID.

Also, keep in mind that your sandbox key and secret work only with the sandbox environment, and your production key and secret work only with the production environment. For more information on environments, see API Environments.

Can I generate an OAuth token using my email address?

No. To generate an OAuth token you must use your developer account’s API key and secret. See Generate an OAuth Token.