UPS shipping method integration migration from SOAP to RESTful API

NOTE
If you uploaded any of the three patches from this article prior to October 10, 2023, you should reapply one of these patches now published in this article for your 2.4.4+/2.4.5+/2.4.6+ version of Adobe Commerce/Magento Open Source once again, because otherwise you will not be able to select and configure specific UPS shipping methods in the Admin configuration, and you will have to have all of them enabled. These new patches are compatible with the previously released patches.

This article provides a patch to resolve issues with the United Parcel Service (UPS) shipping method integration migration from SOAP to RESTful API for Adobe Commerce 2.4.4 - 2.4.6-pX.

According to the latest updates to the UPS API Security Model, UPS has implemented an OAuth 2.0 security model for all APIs (More details available in the UPS Developer Portal Access Key Migration Guide) to enhance the overall security to reduce fraud and provide enhanced API capabilities.

This change impacts our current UPS shipping method integration implementation in Adobe Commerce and requires us to fix our current implementation and to migrate from SOAP API to the RESTful API to be able to support OAuth 2.0 authentication protocols.

Beginning in June 2024, Adobe Commerce merchants will not be able to transact with our current UPS integration, so we are releasing this hotfix, which allows Adobe Commerce 2.4.4+/2.4.5+/2.4.6+ merchants to migrate to the latest UPS REST APIs.

This issue will be fixed in Adobe Commerce/Magento Open Source version 2.4.7, and the fix will also be included in the 2.4.7-beta2 release in October 2023.

Affected products and versions

Adobe Commerce on cloud infrastructure and on-premises, and Magento Open Source:

  • 2.4.4
  • 2.4.4-pX
  • 2.4.5
  • 2.4.5-pX
  • 2.4.6
  • 2.4.6-pX

Cause

The UPS released a security update for their API.

Solution

Use the following attached patches, depending on your Adobe Commerce/Magento Open Source version:

To resolve the issue in the 2.4.4+, 2.4.5+, and 2.4.6+ versions, you must apply the corresponding patch to your version of Adobe Commerce/Magento Open Source below.

Patch

Use the following attached patches, depending on your Adobe Commerce/Magento Open Source version:

For versions 2.4.4, 2.4.4-pX:

For versions 2.4.5, 2.4.5-pX:

For versions 2.4.6, 2.4.6-pX:

How to apply the patch

Unzip the file and see How to apply a composer patch provided by Adobe in our support knowledge base for instructions.

How to tell whether the patches have been applied

Considering that it is not possible to easily check if the issue was patched, you might want to check whether the patch has been successfully applied. This uses (Example: AC-9363) as the patch to check.

You can do this by taking the following steps:

  1. Install the Quality Patches Tool.

  2. Run the command:

    code language-bash
    vendor/bin/magento-patches -n status |grep "9363|Status"
    
  3. You should see output similar to this, where AC-9363 returns the  Applied  status:

    code language-bash
    ║ Id            │ Title                                                        │ Category        │ Origin                 │ Status      │ Details                                          ║ ║ N/A           │ ../m2-hotfixes/AC-9363_USPS_Ground_Advantage_shipping_method_COMPOSER_patch.patch      │ Other           │ Local                  │ Applied     │ Patch type: Custom
    
recommendation-more-help
8bd06ef0-b3d5-4137-b74e-d7b00485808a