How to create a trade offer?

[aveu1]

Hi,

I am working on a project where I want to create new trade offer directly on our site. I have already read many pages and I know how to make the proper call to create trade offer. Here is my sample curl:

curl --request POST 'https://steamcommunity.com/tradeoffer/new/send' \
--header 'Referer: https://steamcommunity.com/tradeoffer/new/?partner=PARTNER_ID&token=TOKEN' \
--header 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' \
--header 'Cookie: sessionid=SESSION;steamLoginSecure=STEAM_LOGIN_SECURE' \
--data-raw 'sessionid=SESSION&serverid=1&partner=PARTNER_ID&tradeoffermessage=&json_tradeoffer={"newversion":true,"version":2,"me":{"assets":[],"currency":[],"ready":false},"them":{"assets":[{"appid":730,"contextid":"2","amount":1,"assetid":"ASSET_ID"}],"currency":[],"ready":false}}&captcha=&trade_offer_create_params={"trade_offer_access_token":"TOKEN"}' \
--compressed

And almost all is fine. But... I use openID authorization and in this process of logging in I don't get all cookies required in request above. When I call `POST https://steamcommunity.com/openid/login` in order to verify correct authorization I receive only SESSIONID cookie in response. So how can I get the second cookie: steamLoginSecure? Should I call some other endpoint after login verification? Or am I forced to implement whole authorization flow on my side (login, password, email token confirmation, etc.)? 

Please help me with that, because project deadline is coming... :/

[Dr. McKay]

OpenID doesn't do what you think it does. It doesn't log you into Steam; it allows third-party sites to verify you are who you claim you are on Steam. So yes, you'd need to implement the whole login flow to get a session cookie.

[aveu1]

Thank you for your explanation!