Category Archives: Magento

REST and oAuth for Magento Developers

REST functionality has been a part of Magento since version 1.7. Older versions of Magento supported only SOAP and XML-RPC implementations. While you can still take advantage of SOAP and XML-RPC functionality in newer versions of Magento, it is well worth learning how to use REST services in Magento.

Using oAuth and the Magento API

To consume REST services in Magento, you must use oAuth for authentication. To do this,y ou must create an oAuth consumer, and obtain an oAuth token for the service which you would like to consume. Tokens can be found under the System > Web Services section of the Magento admin panel. Using oAuth offers an added degree of security because the user does not need to provide their direct Magento login details to a third party App, and can revoke an app’s rights to access the services at any time.
There are three REST consumers which can access resources under the Magento API, these are:
• Guest – a front-end user who is not logged in
• Customer – a front-end user that is logged in
• Administrator – a user that is logged in to the back end.
Each REST consumer has different roles, and has different capabilities. For example, a customer may be able to create, retrieve, update and delete their own address and manage their orders, while a non-logged in frontend user or programmer would only be able to retrieve product listings and view certain parts of the site.
The REST implementation allows two possible actions on each resource – writing and reading. A guest may only read, a customer has read access to most resources and may have limited write capabilities. Administrators can read and write to any resource.
REST Apps are listed in the REST My Apps section of the admin panel. Users also have a My Apps section on their account page, which allows them to manage oAuth apps that they have authorised to access their accounts.

Marketing Your Magento Extension

One of the best things about Magento is that it is extensible – anyone can create a Magento extension and share it or sell it to other Magento users. The ease with which you can create extensions has some downsides, however. There are a lot of extensions on the market.


One of the biggest problems with online app/extension stores – such as Magento Connect – is discoverability. When there are thousands of extensions to choose from, why should a user pick your extension over another one that is free, was made by more well-known web developers, or has been around longer.
You can drive attention to your profile through marketing – promoting your extension via social media, reaching out to web design bloggers, and taking out ads on popular web design sites. However, all this does is drive eyeballs to your profile. There’s more to building a user base than simply getting people to look at your extension.

The Issue of Trust

Few web developers are willing to run unknown code on a production website. To persuade people to install your plugin, you need to get them to trust you. One way to do this is to fill out your Magento Connect profile properly.
Take the time to upload a logo, fill out detailed contact information for your business, and link to your support page. In addition, create a professional looking logo for your extension, and fill out the details page properly. If it looks like you’ve put effort into your profile, people are more likely to believe that you’ve put effort into your extension too.
Encourage people to rate your extension after they’ve used it, and respond to comments and questions so that people know you care about your users. In a saturated market, a simple, working product produced by a developer that cares is far more likely to do well than a sophisticated extension from an unknown, unresponsive developer.