Each API call requires an access token to be passed along for authentication purposes. An access token is attached to the consumer application's key and secret plus the end-user WHCC account and allows access to the WHCC account without using the WHCC account password.
Generally, if you don't require OAuth functionality for the Order Submit API, WHCC suggests using the simplier Access Token flow.
We have two core authentication flows outlined below that can be leveraged in whatever way makes more sense for your integration.
The Order Submit API has an endpoint to return a token that works for the Order Import API. It is not guaranteed to work for other areas which require authentication. This is the suggested authentication pattern due to its simplicity.
The OAuth API can generate tokens which work with the Order Submit API, but its primary role is to provide an end-user with a username and password login page for integrated applications.
Request a token from the Order Submit API