Guides
Start typing to search…

ReBound API credentials

Introduction

To connect your TikTok Shop app with ReBound, you’ll need to provide three key API credentials: Client ID, Client Secret, and Flow Key. These credentials enable secure, authenticated communication between your store and the ReBound platform, ensuring that returns and related data are processed correctly and securely.

What Are the Credentials?

  • Client ID A unique identifier for your store or integration, generated in the ReBound system. It tells ReBound which client (you) is making the API request.
  • Client Secret A secure password-like value paired with your Client ID. It is used to authenticate your app and must be kept confidential.
  • Flow Key Identifies the specific return flow or configuration in ReBound. This is required if your setup uses sub-flows in My ReBound; otherwise, it can be left empty for main flows. If your Implementation Manager did not provide you with a flow key, you can leave it empty.

📘

Multi-store setup

If you use multiple TikTok Shop stores in parallel (e.g., for different brands or geographies), install the app in all of your stores you want to connect to ReBound.

Your ReBound implementation manager can advise on which credentials to use on each store.

Where to find or your credentials

The Client ID, Client Secret and Flow Key are generated by your ReBound Implementation Manager when they set your store up in our platform.

Once the setup is ready, they will share the three values with you.

If they do not provide you with a flow key, you can leave it empty.

How are the credentials used?

  • When you install the TikTok Shop app, you’ll be prompted to enter your Client ID, Client Secret, and (optionally) Flow Key.
  • The app uses these credentials to authenticate with ReBound’s API using OAuth 2.0, ensuring secure and authorized access.
  • Credentials are required for all automated return processing, label generation, and data synchronization between TikTok Shop and ReBound.

Security best practices

  • Keep your Client Secret confidential. Never share it on public channels and avoid sharing it in unsecure ways (e.g., via email).
  • Store credentials securely (e.g., in a password manager or secure vault).
  • If you suspect your credentials have been compromised, contact ReBound support immediately to rotate them.
  • Only authorized personnel should have access to these credentials.

Troubleshooting

  • If you receive authentication errors, double-check that your Client ID, Client Secret, and Flow Key are entered correctly.
  • Ensure your credentials are active and have not expired or been revoked.
  • For further help, get in touch with your ReBound Implementation Manager.

Updated 6 days ago

What’s Next