Generate an Account Management Authentication Token
POST/v2/account-members/tokens
Commerce provides authentication tokens for anyone using the Account Management APIs, including accounts and account members.
For each element in the list returned by the account member authentication API, a token value is returned. In order for a shopper to authenticate as the account, this value should be set as the EP-Account-Management-Authentication-Token header when calling Commerce. This header grants access to additional resources associated with the account, such as carts, orders, catalogs with associated rules, and addresses.
The set of permissions available to a shopper using an Account Management Authentication token is documented in Permissions
Commerce provides authentication tokens for an account and an account member using:
- OpenID Connect
- Username and password
- Self signup
- One-time password token
- Switch account token
Request
- application/json
Body
- OpenIDConnectRequest
- PasswordRequest
- PasswordlessRequest
- SelfSignupRequest
- SwitchingAccountRequest
data object required
Default value: account_management_authentication_token
Specifices the type of the object. You must use account_management_authentication_token.
Default value: oidc
Species the authentication mechanism. You must use oidc.
Specifies the code returned from the OpenID Connect Provider authentication.
Specifies the URL of the front-end that handles the callback of the token.
Specifies the Proof Key for Code Exchange (PKCE) code verifier corresponding to the code challenge supplied to the authorization endpoint. For more information about code verifier and challenge, see Generating a Code Verifier and Challenge.
Default value: account_management_authentication_token
Specifices the type of the object. You must use account_management_authentication_token.
Default value: password
Species the authentication mechanism. You must use password.
The password profile ID. For more information, see password profiles page.
The username.
The password.
Default value: account_management_authentication_token
Specifices the type of the object. You must use account_management_authentication_token.
Default value: passwordless
Species the authentication mechanism. You must use passwordless.
The password profile ID. For more information, see password profiles page.
The username.
The one-time password token.
Default value: account_management_authentication_token
Specifices the type of the object. You must use account_management_authentication_token.
Default value: self_signup
Species the authentication mechanism. You must use self_signup.
The password profile ID. For more information, see password profiles page.
The username.
The password.
The name.
The email.
Default value: account_management_authentication_token
Specifices the type of the object. You must use account_management_authentication_token.
Default value: account_management_authentication_token
Species the authentication mechanism. You must use account_management_authentication_token.
Responses
- 201
- 401
- default
Created
- application/json
- Schema
- Example (from schema)
Schema
- Array [
- ]
data AccountManagementAuthenticationTokenResponse[]
Default value: account_management_authentication_token
Specifies the type of the object.
The name of the account that this token grants access to.
The ID of the account that this token grants access to.
The JWT authentication token that the shopper uses as the EP-Account-Management-Authentication-Token header in all other endpoints.
The epoch time that this token expires at. The time is set to 24 hours after the token is generated.
meta object
page object
The maximum number of records per page for this response. You can set this value up to 100.
The current page.
The current offset by number of records, not pages. Offset is zero-based.
The total page count.
results object
The total number of results after applying filters, if any, or all results.
links object
Always the current page.
Always the first page.
Always null if there is only one page.
Always null if there is only one page.
Always null if the user is on the first page.
{
"data": [
{
"type": "account_management_authentication_token",
"account_name": "acc-name-1",
"account_id": "908f7849-60da-4e4a-a3b1-51d4cbe3b953",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDIxLTAzLTE2VDE5OjM2OjExLjA3MFoiLCJpYXQiOiIyMDIxLTAzLTE1VDE5OjM2OjExLjA3MFoiLCJzY29wZSI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMyIsInN1YiI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMiJ9.ytQ3UutTl_RJ8NiB1xN29Ta23p-FXsYOhcUM7MUQ4CM",
"expires": "2021-03-16T19:36:11.070Z"
}
],
"meta": {
"page": {
"limit": 25,
"current": 0,
"offset": 0,
"total": 1
},
"results": {
"total": 1
}
},
"links": {
"current": "https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25",
"first": "https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25",
"last": "https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25",
"next": null,
"prev": null
}
}
Unauthorized
- application/json
- Schema
- Example (from schema)
- unauthorized-error
Schema
- Array [
- ]
errors Error[]required
A brief summary of the error.
The HTTP response code of the error.
Optional additional detail about the error.
{
"errors": [
{
"title": "string",
"status": "string",
"detail": "string"
}
]
}
{
"errors": [
{
"title": "Unauthorized",
"status": "401"
}
]
}
Internal server error.
- application/json
- Schema
- Example (from schema)
- internal-server-error
Schema
- Array [
- ]
errors Error[]required
A brief summary of the error.
The HTTP response code of the error.
Optional additional detail about the error.
{
"errors": [
{
"title": "string",
"status": "string",
"detail": "string"
}
]
}
Internal server error
{
"errors": [
{
"title": "Internal Server Error",
"status": "500",
"detail": "there was a problem processing your request"
}
]
}