Hack 82 Climbing Out of the Sandbox


Dealing with certification and going "live."

eBay is understandably protective about any access it permits through its API. To that end, they provide the Sandbox, a "dummy" eBay site with which you can test your programs to your heart's content.

The Sandbox is located at cgi.sandbox.ebay.com/, and looks (and acts) just like eBay.com. Although it's nearly fully functional (some features don't work at all), its auction and user databases are completely separate from the main eBay site.

The idea is that you can create user accounts, list items, bid, and even check out, all without incurring the fees and API call limits that would otherwise prevent you from freely testing your application or scripts.

Although the Sandbox is not bug-free and is often a few months behind eBay.com when it comes to new features and interface changes, it's stable where it counts. It's accepted as fact that any code that works in the Sandbox will work on the live eBay.com site.

8.2.1 Certification

Before your application goes "live," meaning that it can be used on what eBay calls the "production servers" (not just the Sandbox), you must complete certification.

Now, the fact that certification is a required step and costs money ($100 for Individual-tier developers) may make it seem more like a barrier than a service. However, eBay's reasoning is that it ultimately benefits developers as much as it benefits eBay.

For developers working under the Individual license, the certification fee is the only tangible cost of entry to going live.

First and foremost, certification involves testing your script or application to ensure that it operates efficiently and causes minimal impact on the performance of eBay.com. Certification also permits developers to display the eBay Certified Developer Logo in their applications; while this may not mean so much to individual developers (it is not even available under the Individual license), it is absolutely vital for those creating commercial applications to gain the confidence of their customers.

Here's how certification works:

  1. Review the certification requirements (see the next section).

  2. Submit the API Usage Document (available at developer.ebay.com), which helps provide the certification "test team" with enough information to understand how your product will be accessing the eBay API and eBay content.

  3. Submit a Certification Request.

  4. eBay works with you to test your application, which essentially involves hooking it up to a special debug server and analyzing the traffic it generates.

  5. Provided that you've met the certification requirements, eBay estimates that your program should be certified within a week.

  6. Recertification is necessary only if your application substantially changes the way it uses the API.

8.2.2 Certification Requirements

The following requirements must be met by your application in order for it to pass certification:

  • Error Handling. Make sure you look for and handle any errors received from API calls. For instance, if you're using a single API call repeatedly, make sure the loop halts if an error is encountered. All of the scripts in this chapter incorporate some degree of error checking.

  • Efficiency. One of the primary reasons for certification is to ensure that your application or script handles communication with eBay responsibly and efficiently. See [Hack #99] for details.

  • Compatibility Levels. The eBay API is constantly changing and evolving to keep up with eBay.com. It's important to keep track of these changes, especially if you're using some of the more obscure fields or API calls listed in the documentation. The Compatibility Level ($compat_level) specified in config.pl ensures that these changes won't affect your program, at least until eBay removes support for your compatibility level (which they do periodically).

    For instance, the Seller.User.Sunglasses field was replaced with the Seller.User.NewUser and Seller.User.UserIdChanged fields as of API version 305, to correspond with changes to the main eBay site. If your program were to submit an API call with compatibility level 309, you wouldn't have access to the Seller.User.Sunglasses field.

    All the scripts in this book reflect compatibility level 309. If you encounter a script or function that doesn't work for you, refer to the API documentation for possible changes associated with later compatibility levels.

  • Specific call requirements. In addition to the previous rather general requirements, certification also requires certain procedures to be followed with regard to many of the individual API calls. Here are a few examples:


    Every time your application retrieves comments from a feedback profile, it should cache or record the data so that it retrieves only newly added feedback records each time. See [Hack #96] for details.


    You should use GetItem (described in [Hack #84]) only if the information you need cannot be retrieved through more efficient means such as GetSellerList (described in [Hack #87]).


    Use the GetSellerList call only to retrieve listing data for the first time; use GetSellerEvents to subsequently retrieve price changes, bids, item revisions, or other changes that might have occurred since the auction data was last retrieved.

  • License requirements. Finally, your application must fall within the limits of your license agreement. For instance, if you're working under the free Individual license, you can't redistribute your applications (nor would you want to, given the number of API calls that would be required by hundreds of users).

As the API gains popularity, it remains to be seen how strict the certification requirements will remain, and how rigorously eBay will enforce recertification for large changes to your code.