TD SYNNEX Integration Setup Guide

This guide walks you through connecting TD SYNNEX StreamOne Ion to Scopable, start to finish. You won't write any code. You'll create a dedicated integration user in StreamOne Ion, copy four values from the Admin Portal, and paste them into Scopable. Budget about 10 minutes.

A quick note on "TD SYNNEX" vs "StreamOne Ion"

TD SYNNEX runs more than one developer platform. Scopable connects to StreamOne Ion (ion.tdsynnex.com), the platform behind your cloud CSP marketplace (Microsoft CSP, Google, AWS, and so on). That's the system that powers catalog search, pricing, and subscriptions in Scopable.

If you also distribute physical hardware through TD SYNNEX's EC Express / Digital Bridge stack, that's a separate platform with separate credentials and is not part of this integration. Everywhere this guide says "the Admin Portal," it means the StreamOne Ion portal at ion.tdsynnex.com.

What connecting TD SYNNEX does

Once connected, Scopable can:

• Search the TD SYNNEX cloud catalog and pull live price and availability directly inside the Quote Wizard.
• Show your CSP subscriptions so your team can see what each client already has.
• Link a Scopable client to a TD SYNNEX customer so catalog and subscription data line up with the right account.

TD SYNNEX runs as an independent integration, so it sits comfortably alongside Pax8 and Ingram Micro: an issue with one distributor never affects the others.

How TD SYNNEX authentication works (the short version)

StreamOne Ion uses two things at once, which is why Scopable asks for four values:

• An API Key + API Secret pair (used for some calls), found on the Account Information page.
• A Refresh Token, generated per-user under OAuth credentials, which Scopable exchanges behind the scenes for a short-lived access token.

There is no "click to authorize" login redirect with StreamOne Ion. You copy the values in by hand, once. After that, Scopable manages the token exchange and renewal for you. The one thing worth understanding up front: the refresh token is single-use and rotates every time it's used, and it expires after about 32 days of inactivity. Scopable handles the rotation automatically. You only ever touch it again if the connection sits unused long enough for the token to expire (covered in Troubleshooting).

Before you start (2-minute checklist)

A quick prep pass prevents almost every setup failure:

• Confirm your StreamOne Ion account is activated for API access. TD SYNNEX has to enable API access on your account before any credentials will work. If you've never used the Ion API before, request activation from your TD SYNNEX rep first.
• Confirm you can sign in to the Ion Admin Portal at ion.tdsynnex.com with an admin role that can manage users and view Account Information.
• Have a secure password manager open so you can store the API secret and refresh token the moment they're shown.

Step 1: Create a dedicated integration user in StreamOne Ion

The refresh token is generated per user, so it's best practice to create a dedicated user for Scopable rather than tying the connection to a person who might later be deactivated.

1. Sign in to the StreamOne Ion Admin Portal at ion.tdsynnex.com.
2. Click the Settings icon in the top-right corner.
3. Go to Users and create a new user.
4. Give the user a role other than "User" (for example, Sales) and set the status to Active. A plain "User" role can't generate the OAuth credentials Scopable needs.

Why a dedicated user? If the connection is ever in doubt, you can regenerate this user's credentials without disturbing anyone's day-to-day login. Name it something obvious, like "Scopable Integration."

Step 2: Copy your Account ID, API Key, and API Secret

Three of the four values live on the same page.

1. In the Admin Portal, click the Settings icon (top-right), then go to Account Information.
2. Copy the Account ID shown on this page.
3. Scroll to the bottom of the page to the API Keys section. Click Generate New API Keys (or Show Key if a key already exists).
4. Copy both the API Key and the API Secret. Treat the secret like a password and store it in your password manager.

Heads-up: Generating new API keys invalidates the previous pair. If other tools already use these keys, regenerating them will break those tools. If a key already exists and you can reveal it with Show Key, reuse it instead of generating a new one.

Step 3: Generate your Refresh Token

The refresh token is generated on the integration user you created in Step 1.

1. In the Admin Portal, click the Settings icon (top-right), then go to Users.
2. Select your integration user and click Edit.
3. Find the OAuth credentials section and click Request New Credentials.
4. Copy the Refresh Token that appears and store it securely.

Generate this last, right before you connect. Per TD SYNNEX: "the initial refresh token expires when a new refresh token is generated." In other words, clicking Request New Credentials again invalidates the previous token. Generate it, then move straight to Scopable in Step 4. If you wait too long and the token rotates or expires, just generate a fresh one and reconnect.

What these values look like

TD SYNNEX doesn't publish a fixed, human-recognizable format for these values, so don't expect a tidy prefix like sk-…. Treat them as long, opaque strings and copy them exactly:

• Account ID: your StreamOne Ion account identifier from the Account Information page.
• API Key: an identifier string from the API Keys section.
• API Secret: a longer secret string paired with the API Key. Shown when generated; store it immediately.
• Refresh Token: a long token string from the user's OAuth credentials.

Behind the scenes, Scopable trades your refresh token for a short-lived access token. TD SYNNEX returns something like this (you never have to do this yourself, it's shown only so you know what's happening under the hood):

{
  "access_token": "…",
  "token_type": "Bearer",
  "refresh_token": "…",
  "expires_in": 7200
}

The access_token is valid for 7200 seconds (2 hours), and each call returns a new refresh_token that replaces the old one. Scopable stores the rotated token automatically, which is why you set this up only once.

Step 4: Connect in Scopable

1. Log in to Scopable as an Admin.
2. Click Integrations in the left-side navigation under Administration.
3. Open the TD SYNNEX tab.
4. On the setup card, fill in the four values from Steps 2 and 3:
   • Account ID
   • API Key
   • API Secret (stored encrypted in Scopable's secure vault; never shown again after you save it)
   • Initial Refresh Token (also stored encrypted)
5. Click Save & Test Connection.

There's no Sandbox/Production toggle: TD SYNNEX connects to your live production account.

Scopable saves your credentials, immediately exchanges the refresh token for a working session, and verifies it against TD SYNNEX. On success you'll see a green Connected badge, and the Quote Wizard will be ready to use live TD SYNNEX data. After connecting, you can re-run Test Connection or Reconnect at any time.

Your credentials are encrypted and stored securely. Scopable never exposes the API secret or refresh token in the UI after you save them, and we cannot read them back.

Don't see TD SYNNEX, or a message that it's switched off? The integration can be toggled per account. If the page reads "The TD SYNNEX integration is switched off for your account right now," contact Scopable to enable it.

What to do right after connecting

Once the badge turns green, run one quick real-world check:

1. Open a test opportunity in the Quote Wizard and search for a common cloud SKU.
2. Confirm price and availability populate from TD SYNNEX.
3. Open a client linked to a TD SYNNEX customer and confirm subscriptions appear as expected.

If anything looks off, click Test Connection on the TD SYNNEX card to recheck the link.

Troubleshooting

"The TD SYNNEX integration is switched off for your account right now"

The integration is toggled off for your account. Contact Scopable to turn it on, then return to Integrations → TD SYNNEX.

"Needs attention" / "TD SYNNEX can no longer connect"

This almost always means your StreamOne Ion refresh token rotated or expired, most often because the connection went unused for more than about a month (refresh tokens are valid roughly 32 days). Fix it in two steps:

1. In the Ion Admin Portal, go to Settings → Users, edit your integration user, and under OAuth credentials click Request New Credentials to generate a fresh refresh token.
2. In Scopable, on the TD SYNNEX card, click Reconnect, paste the fresh refresh token (along with your account ID, API key, and secret), and save.

Scopable revalidates immediately and the badge returns to Connected.

The connection test fails right after saving

• Check for stray characters. The account ID, API key, API secret, and refresh token all have to be exact. Re-copy each one and watch for trailing spaces or line breaks.
• Confirm the refresh token is still fresh. If you generated it a while ago, or clicked Request New Credentials again afterwards, the earlier token is dead. Generate a new one and paste that.
• Confirm API access is enabled. If your StreamOne Ion account was never activated for API use, no credentials will work. Confirm activation with your TD SYNNEX rep.
• Confirm the integration user's role. The user that owns the refresh token must have a role other than "User" and be Active.

The keys worked elsewhere but broke after I generated new ones

Generating new API keys in Account Information invalidates the previous pair. If another tool was using the old keys, it will stop working. Re-paste the current key and secret into every tool that needs them, or use Show Key to reuse the existing pair instead of regenerating.

"You don't have permission to connect TD SYNNEX"

The signed-in Scopable user lacks permission to manage integrations. Have a Scopable admin perform the setup.

Still stuck?

Email us at [email protected] with a screenshot of the error and we'll figure it out together. Not a chatbot. A person.

Frequently Asked Questions

Which TD SYNNEX platform does Scopable connect to?

StreamOne Ion (ion.tdsynnex.com), the cloud CSP marketplace platform. Hardware distribution (EC Express / Digital Bridge) is a separate TD SYNNEX system and is not part of this integration.

Exactly which credentials do I need, and where is each one?

Four values, all from the StreamOne Ion Admin Portal:

Credential	Where to find it
Account ID	Settings → Account Information
API Key	Settings → Account Information → API Keys section
API Secret	Settings → Account Information → API Keys section (shown with the API Key)
Refresh Token	Settings → Users → edit your integration user → OAuth credentials → Request New Credentials

Why does Scopable need both API keys and a refresh token?

StreamOne Ion uses both an API key/secret pair and an OAuth refresh token depending on the call. Providing all four lets Scopable use the right credential for each request. You enter them once; Scopable handles the rest.

Do I have to deal with the access token or token expiry myself?

No. Scopable exchanges your refresh token for a short-lived access token automatically, caches it, and refreshes it as needed. The access token lasts 2 hours; you never manage it.

Why does the refresh token "rotate," and what do I do about it?

StreamOne Ion issues a single-use refresh token that's replaced with a new one each time it's used. Scopable stores the replacement automatically, so day to day you do nothing. You only regenerate a token in the portal if the connection sat unused long enough to expire (about 32 days). See the "Needs attention" step above.

Is there a sandbox or test environment?

No. TD SYNNEX connects to your live production account; there's no sandbox toggle on the setup card.

Are my credentials safe?

Yes. The API secret and refresh token are encrypted in Scopable's secure vault and are never displayed again after you save them. Only non-secret identifiers like the account ID are stored in readable form.

Can multiple teammates use it once connected?

Yes. The TD SYNNEX connection is tied to your Scopable account, not to an individual user. You set it up once, and anyone with the right permissions can use TD SYNNEX-powered features.

Should I use my own login for the refresh token?

It's better to create a dedicated integration user in StreamOne Ion (Step 1). That keeps the connection independent of any one person's account and makes it easy to regenerate credentials if needed.