eBay API token detect if a user has already reauthorized, any way to decode the eBay token?

Question

I have a web application that will authorize a user with eBay so that I can post items for them. But I want to cap the limit at 50 per account and eBay account. I can easily track how many item posts they performed in my application. But what prevents the user from opening another account with my application and re-authorize with the same eBay account.

So I tried it with my application and my eBay account and looking at the tokens from account1 and account 2 there's literally 5 characters difference at the beginning of the token String (around character 15). Rest of the token is the same.

Is there a way to tell from the token if it's the same account?

Answer 1

Ok to handle this you would need to get the eBay User and compare to see if they have already registered. Using the user authorized token make a call to get the user details via:

ApiContext.getApiCredential().seteBayToken(FetchTokenCall.fetchToken());
GetUserCall gu = new GetUserCall(ApiContext);
UserType user = gu.getUser();

Now compare and save relevant data.