Overview

UPS has deprecated access key authentication in favor of an OAuth 2.0 security model and REST API. Beginning June 3, 2024, access keys will no longer be supported for authentication to any UPS APIs. After this date, all integrations must utilize OAuth 2.0 authentication and the REST API to continue to transact with UPS services.

For more information, please see the Access Key to OAuth 2.0 Migration Guide.

REST API Configuration

To switch an existing UPS carrier in ShipCenter to the new REST API, follow these steps:

1. Open ShipCenter and select Carriers from the Setup tab on the ribbon.

2. On the Carriers screen, select the existing UPS carrier, and click the Edit button.

3. On the Carrier Editor window change the API Type from “Web Services (Legacy)” to “REST API”.

There will be additional access token options in the Carrier Editor. It is necessary to generate an access token for ShipCenter to interact with the UPS REST API.

4. Click the Add Key button to generate a new access token. Note that production and test environments require separate tokens.

The UPS login screen will launch and require logging in with UPS credentials. Enter your UPS username and password and click the Log In button to continue.

A prompt should display that the token was generated successfully.

NOTE: If there are any issues with the built-in UPS login, a manual login method is available. Hold the ALT key when clicking the Add Key button, and a separate browser window will open.  After logging in, copy the resulting URL from the browser’s address bar and paste it into the prompt in ShipCenter, and click OK. ShipCenter will parse out the authorization code and generate an access token.

Access Token

The access token must be refreshed every four hours for ShipCenter to continue interacting with the UPS REST API. ShipCenter will refresh this token automatically when making an API call. Further action from the user is not required.

Refresh Token

The refresh token is returned when a new access token is generated, and it is used to refresh the access token. Unlike the access token, the refresh token lasts three months and must be refreshed manually. A refresh token expired error will appear if a transaction is attempted to be processed with an expired refresh token. A new refresh token can be obtained by generating a new access token after the refresh token expires.

Token Information

The current token information can be viewed by clicking the Key Information button.

This will open the Access Token Information window which displays various token properties such as issue date, expiration date, and status.

Token Expiration Reminder

When a user logs into ShipCenter, and a UPS access token will expire in the next 7 days or is already expired, then a popup message will appear.  This will display information on whether the token is already expired, or when it expires, in order to notify that the manual token refresh step must be handled soon.

When a UPS access token will expire in the next 7 days, a warning will appear:

When a UPS access token is expired, an error will appear:

Only active carriers will provide these reminders.  Carriers can be marked as inactive on the Carrier Editor screen:

Note that token expiration reminders are available as of ShipCenter 1.3.0.1.