Logo
6 juli 2026
Innovatie

Renewed API authorisation process: check and renew on time

man-calling-at-desk

Do you work with an integration partner via the bol API – such as a marketplace integrator, ERP system, or logistics software? We have improved the way you grant API access for added security. From now on, you determine which data and functionalities you share with your integration partner for each connection.

You no longer grant access to the entire API, but only select the necessary components. This way, you maintain control over your data, and access aligns better with your integration partner's services. Below, you can read what this means for you.

What is changing?

This change applies to API connections that use the Codeflow ('simplified authentication process'). If you use Client Credentials? Then nothing changes yet.

Previously, you granted an integration partner access to the full API via the Codeflow. When creating or renewing a connection, you now choose: 

  • The API components (resources): which parts of the API may the integration partner use?
  • The rights: may the integration partner only retrieve data or also manage it?
Authorised parties in bol seller account
Authorised parties in bol seller account

Check if you need to take action

This change applies to:

  • New API connections via the Codeflow
  • Existing Codeflow connections that need to be renewed


Check which connections are active in your seller account via:
Settings > Services > API settings > Authorized parties

Here you will see:

  • Which integration partners have access to the API
  • When an authorisation expires

Renew existing connections before the expiration date via the new process to prevent interruptions. We advise doing this within two months before the expiration date. You will also receive a notification from your integration partner when it's time to renew the authorisation.

Step-by-step plan: Create or renew API connection

1

Step 1: Start the connection from your integration partner

Log in to your integration partner and start the process to create or renew a bol connection. The exact steps may vary per integration partner. Therefore, follow your integration partner's instructions. You will then be automatically redirected to the bol login page.


bol-login-screen
2

Step 2: Select your account

Choose the bol account for which you want to authorise the connection.

screenshot-of-selecting-seller-account
3

Step 3: Choose which data an integration partner can access

You will see an overview of the available API components, divided into five main scopes:

  • Assortment management (e.g., offers and item content)
  • Logistics (e.g., orders)
  • Insights
  • Finance
  • Subscriptions

Via the information icon ('i'), you will find an explanation for each component. Select only the components your integration partner needs. You can select individual components or choose a main scope (for example, Logistics), where the corresponding components are automatically selected.


Please note: for a properly working connection, it is important that you select the correct components. Therefore, check your integration partner's documentation to see which components are needed.

screenshot-share-data
4

Step 4: Choose the correct rights

For each API component, you choose which actions the integration partner may perform:

  • Read: only retrieve data
  • Manage: retrieve, create, modify, and/or delete data

If you are unsure which components or rights are needed, please contact your integration partner.

5

Step 5: Confirm the authorisation

Check your selection and click Save.
The API connection is now active with the rights you have chosen.

6

Step 6: Check the connection

Check if the connection works correctly. Do you see no error messages? Then everything is working correctly. Are you still experiencing problems? Then check your integration partner's documentation or contact them.


7

Good to know

 

  • Integration partners only get access to the functionalities for which you explicitly give permission. It is therefore important that you grant the correct rights.
  • Missing rights can cause a connection to not work properly. In that case, you must go through the authorisation process completely again and grant all necessary rights.
  • Existing connections via the Codeflow will continue to work until the expiration date. After that, you must re-authorise them via the new process.
8

Summary: what should you do?

✔ Check in your seller account which partners have access via the Codeflow.

✔ Renew existing connections before the expiration date via the new authorisation process.

✔ Also go through the new process for new Codeflow connections.

Do you use Client Credentials? Then you don't need to do anything yet. This change is expected to be implemented for Client Credentials integrations in Q3 2026. From then on, you will also determine which API components an integration partner can access for these connections. We will keep you informed about this via the Partnerplatform.