Operator scope development guide

  • The Cafe24 shopping mall platform can be managed separately by the chief operator, sub-operator and supplier operator.
  • This guide explains how you can control and manage scopes in your app for each operator.

Operator scope settings overview

  • The following structure and specs are provided for configuring and controlling the scope of each operator in the shopping mall.

Basic overview of configuring scopes of operator

Registration of operator scope: check URL and configuration of scopes of shopping mall operator

  • In order to set scopes for the shopping mall operators in the app, we will guide you to register the URI that can confirm the administrator's scope in the app.
  • In addition, we will guide you through the example actions that set the scopes of the operators in the shopping mall.

1. Register operator authorization URI (Developer Center)

  • If your app requires control over scopes by operator, register a URI that verifies the scopes in the app on an operator-by operator basis in the Developer Center.
  • Please refer to the scope specification (JSON format) at the bottom for the authorization information that should be provided in the registered URL.

2. Configuring scopes for each operator in the shopping mall (example)

  • Check the scope in the operator authorization URI registered in the app and display it on the operator scope configuration screen in the shopping mall, configuring scopes for each operator and saving them in the shopping mall platform and then sending the configured scopes to the app at execution.

Specs of scopes provided by the app (JSON format)

  • If you need to configure scopes for each operator in your app, you'll need to send the scopes your app requires in the form below.

The specifications that should be provided by the authorization URI of the app (app → shopping mall) - JSON format

{
"MENU_LIST":{
  "{$Menu_name_1}":{
   "code":"{$code name of menu_name_1}"
  },
  "{$Menu_name_2}":{
   "code":"{$code name of menu_name_2}",
   "sub":{
    "{$Submenu_1}":{
     "code":"{$code name of submenu_1}"
    },
    "{$Submenu_2}":{
     "code":"{$code name of submenu_2}",
     "sub":{
      "...":{
       "code":"..."
      }
     }
    }
   }
  }
 },
"FUNCTION_LIST":{
"{$function name_1}":{
  "code":"{$code name of function name_1}",
   "sub":{
    "{$Sub-function name_1}":{
     "code":"{$code name of sub-function name_1}"
    }
   }
  ...
  ...
 }
}

Specifications that should be provided in the app authorization URI (app → shopping mall) - example

{
"MENU_LIST":{
  "Q&A":{
   "code":"Mabc1"
  },
  "Statistics":{
   "code":"Mabc2",
   "sub":{
    "Daily analysis":{
     "code":"Mabc3"
    },
    "Weekly analysis":{
     "code":"Mabc4",
     "sub":{
      "Week 1":{
       "code":"Mabc5"
      },
      "Week 2":{
       "code":"Mabc6"
      }
     }
    }
   }
  }
 }
,
"FUNCTION_LIST":{
  "Use period":{
   "code":"Fabc1"
  },
  "View refund amount":{
   "code":"Fabc2"
  }
 }

}

When the app runs in the shopping mall, the scope information specifications sent to the app (shopping mall → app)
When a shopping mall operator installs an app already installed in the shopping mall, the information in the shopping mall in which the app is executed upon the GET request to the app URL registered at the Development Center, the operator and the scope of the app is sent. The sent data can be verified using the hmac format.
(Please note that the format below is constantly updated).

Permission Information Specification
Variable name Data Description
is_multi_shop In use: ‘T’
Not in use: ‘F’ or variable not sent
Whether or not an additional shopping mall is registered besides the basic mall
lang Korean : 'ko_KR'
English : 'en_US'
Japanese : 'ja_JP'
Simplified Chinese : 'zh_CN'
Taiwanese(traditional Chinese) : 'zh_TW'
Portuguese : 'pt_PT'
Spanish : 'es_ES'
Language used in the shopping mall
mall_id Shopping Mall ID Shopping Mall ID
shop_no Number Shopping mall serial number (default mall has ‘1’ and additional serial numbers are assigned with multiple malls added)
user_id User ID logged in to the shopping mall Admin User ID logged in to the shopping mall Admin
user_name User name logged in to the shopping mall Admin User name logged in to the shopping mall Admin
user_type Operator (Chief Operator): P
Sub-operator: A
Supplier operator: S
Types of users logged in to the shopping mall Admin
timestamp timestamp 값 Timestamp at the time of the app execution request
hmac Base64 encoded string Key for verification

Binary hash value encoded in base64
- Hash algorithm: sha256
- Hash data (string): Url-encoded GET query string sorted alphabetically (by variable name) of variables sent to GET
- Hash key: App secret key from the Developer Center

https://{{AppUrl}}/?is_multi_shop={{multiple shopping mall}}&lang={{shopping mall language}}&mall_id={{mall ID}}&shop_no={{shop_no}}×tamp={{timestamp}}&user_id={{login ID}}&user_name={{login user name}}&user_type={{user type}}&hmac={{verification key}}