Generate an Account Management Authentication Token

POST https://useast.api.elasticpath.com/v2/account-members/tokens

Commerce provides authentication tokens for anyone using the Account Management APIs, including accounts and account members.

For each element in the list returned by the account member authentication API, a token value is returned. In order for a shopper to authenticate as the account, this value should be set as the EP-Account-Management-Authentication-Token header when calling Commerce. This header grants access to additional resources associated with the account, such as carts, orders, catalogs with associated rules, and addresses.

The set of permissions available to a shopper using an Account Management Authentication token is documented in Permissions.

Commerce provides authentication tokens for an account and an account member using:

  • OpenID Connect
  • Username and password
  • Self signup
  • One-time password token
  • Switch account token

Request

Body

    data object required
    authentication_mechanism string

    Possible values: [oidc, password, passwordless, self_signup, account_management_authentication_token]

    type string required

    Specifies the type of the object. You must use account_management_authentication_token.

    Default value: account_management_authentication_token
    authentication_mechanism string required

    Specifies the authentication mechanism. You must use oidc.

    Default value: oidc
    oauth_authorization_code string required

    Specifies the code returned from the OpenID Connect Provider authentication.

    Example: c2490f06-6d8e-4927-99aa-4bf02b419e96
    oauth_redirect_uri uri required

    Specifies the URL of the front-end that handles the callback of the token.

    Example: https://example-store.com/oauth2/callback
    oauth_code_verifier string required

    Specifies the Proof Key for Code Exchange (PKCE) code verifier corresponding to the code challenge supplied to the authorization endpoint. For more information about code verifier and challenge, see Generating a Code Verifier and Challenge.

    Example: 0E934PurR8ExVg6Pj7T4kQewxKzWSfSFG5d15FGfww8

Responses

Created

Schema
    data object[]
  • Array [
  • type string

    Specifies the type of the object.

    Default value: account_management_authentication_token
    account_name string

    The name of the account that this token grants access to.

    Example: acc-name-1
    account_id uuid

    The ID of the account that this token grants access to.

    Example: 908f7849-60da-4e4a-a3b1-51d4cbe3b953
    token string

    The JWT authentication token that the shopper uses as the EP-Account-Management-Authentication-Token header in all other endpoints.

    Example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDIxLTAzLTE2VDE5OjM2OjExLjA3MFoiLCJpYXQiOiIyMDIxLTAzLTE1VDE5OjM2OjExLjA3MFoiLCJzY29wZSI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMyIsInN1YiI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMiJ9.ytQ3UutTl_RJ8NiB1xN29Ta23p-FXsYOhcUM7MUQ4CM
    expires date-time

    The epoch time that this token expires at. The time is set to 24 hours after the token is generated.

    Example: 2021-03-16T19:36:11.070Z
  • ]
  • meta object
    page object
    limit integer

    The maximum number of records per page for this response. You can set this value up to 100.

    Example: 25
    current integer

    The current page.

    Example: 0
    offset integer

    The current offset by number of records, not pages. Offset is zero-based.

    Example: 0
    total integer

    The total page count.

    Example: 1
    results object
    total integer

    The total number of results after applying filters, if any, or all results.

    Example: 1
    account_member_id uuid

    The unique identifier for the Account Member that authenticated. This is useful if account_member_self_management is enabled in Account Authentication Settings, so that the user can update details for their account.

    Example: f5d08d48-bbc8-4f61-818f-a78583045f56
    links object
    current uri

    Always the current page.

    Example: https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25
    first uri

    Always the first page.

    Example: https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25
    last uri

    Always null if there is only one page.

    Example: https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25
    next string

    Always null if there is only one page.

    Example: null
    prev string

    Always null if the user is on the first page.

    Example: null
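Selecting the right entry from the data array and turning it into the EP-Account-Management-Authentication-Token header, as an added example that is not part of the original page. The sample response is constructed from this page's example values with placeholder token strings and a made-up second account; the function name and the 60-second skew are assumptions.

```python
from datetime import datetime, timedelta, timezone

HEADER = "EP-Account-Management-Authentication-Token"

# Constructed sample response: one entry per account the member belongs to.
SAMPLE_RESPONSE = {
    "data": [
        {"type": "account_management_authentication_token",
         "account_name": "acc-name-1",
         "account_id": "908f7849-60da-4e4a-a3b1-51d4cbe3b953",
         "token": "<jwt-for-acc-name-1>",          # placeholder
         "expires": "2021-03-16T19:36:11.070Z"},
        {"type": "account_management_authentication_token",
         "account_name": "acc-name-2",             # constructed second account
         "account_id": "00000000-0000-4000-8000-000000000002",
         "token": "<jwt-for-acc-name-2>",          # placeholder
         "expires": "2021-03-16T19:36:11.070Z"},
    ],
}


def account_header(response: dict, account_id: str, now: datetime,
                   skew: timedelta = timedelta(seconds=60)) -> dict:
    """Return the header for account_id, or raise if no usable token exists."""
    # Match on account_id, never on list position: the order is not a contract.
    matches = [e for e in response.get("data", [])
               if e.get("type") == "account_management_authentication_token"
               and e.get("account_id") == account_id]
    if len(matches) != 1:
        raise LookupError("expected exactly one token for the account")
    entry = matches[0]
    # The expires field in the example is ISO 8601 with a trailing Z (UTC).
    expires = datetime.fromisoformat(entry["expires"].replace("Z", "+00:00"))
    if expires - skew <= now:
        raise PermissionError("token expired; authenticate again")
    return {HEADER: entry["token"]}
```

Treat the token as a bearer credential for the account: keep it out of logs and URLs, and discard it once expires has passed.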

Authorization: http

name: BearerToken
type: http
scheme: bearer

using System;
using System.Net.Http;

// C# request sample (top-level statements); replace <token> with a valid bearer token.
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "https://useast.api.elasticpath.com/v2/account-members/tokens");
request.Headers.Add("Accept", "application/json");
request.Headers.Add("Authorization", "Bearer <token>");
// JSON body for the oidc mechanism: authorization code, redirect URI and PKCE code verifier.
var content = new StringContent("{\n \"data\": {\n \"type\": \"account_management_authentication_token\",\n \"authentication_mechanism\": \"oidc\",\n \"oauth_authorization_code\": \"c2490f06-6d8e-4927-99aa-4bf02b419e96\",\n \"oauth_redirect_uri\": \"https://example-store.com/oauth2/callback\",\n \"oauth_code_verifier\": \"0E934PurR8ExVg6Pj7T4kQewxKzWSfSFG5d15FGfww8\"\n }\n}", null, "application/json");
request.Content = content;
var response = await client.SendAsync(request);
// Throws HttpRequestException on a non-success status code.
response.EnsureSuccessStatusCode();
Console.WriteLine(await response.Content.ReadAsStringAsync());

Request

Base URL: https://useast.api.elasticpath.com

Body
{
  "data": {
    "type": "account_management_authentication_token",
    "authentication_mechanism": "oidc",
    "oauth_authorization_code": "c2490f06-6d8e-4927-99aa-4bf02b419e96",
    "oauth_redirect_uri": "https://example-store.com/oauth2/callback",
    "oauth_code_verifier": "0E934PurR8ExVg6Pj7T4kQewxKzWSfSFG5d15FGfww8"
  }
}