Create an Access Token

POST 
/oauth/access_token

Client Credentials

A client_credentials token is used when the credentials are not publicly exposed, usually a server-side language such as PHP or Node.js. This type of authentication enables CRUD access to all resources.

client_id and client_secret are created and managed via Application Keys.

To see the access granted by a client_credentials token, refer to Permissions.

Implicit

An implicit token is typically used for situations where you are requesting data on the client side and you are exposing your public key. When authenticated implicitly, you can only fetch (GET) data with live status (products, categories, brands, etc).

The implicit token is most appropriate for use inside client-side applications, such as JavaScript.

caution

An implicit token can be thought of as a Read only token.

Request

application/x-www-form-urlencoded

Body

grant_type stringrequired

The grant type, choices are client_credentials or implicit

client_id stringrequired

Your client_id

client_secret string

Your client_secret. Only required for client credentials.

Responses

200

OK

application/json

Schema

Schema

data Bearer

access_token string

The access token you use for subsequent authenticated requests to the API.

token_type string

Right now this is only Bearer.

identifier string

The type of token requested. This can be a client_credentials or implicit.

expires_in integer

The duration in seconds after which the token expires.

expires integer

The epoch time that this token expires at.

Example (from schema)

{
  "data": {
    "access_token": "string",
    "token_type": "string",
    "identifier": "string",
    "expires_in": 0,
    "expires": 0
  }
}

client_credentials

Client Credentials

{
  "data": {
    "access_token": "xa3521ca621113e44eeed9232fa3e54571cb08bc",
    "token_type": "Bearer",
    "expires_in": 3600,
    "expires": 1524486008,
    "identifier": "client_credentials"
  }
}

implicit

Implicit

{
  "data": {
    "access_token": "xa3521ca621113e44eeed9232fa3e54571cb08bc",
    "token_type": "Bearer",
    "expires_in": 3600,
    "expires": 1524486008,
    "identifier": "implicit"
  }
}

400

Bad Request

application/json

Schema

Schema

errors Error[]required
Array [
title stringrequired
A brief summary of the error.
status stringrequired
The HTTP response code of the error.
]

Example (from schema)

{
  "errors": [
    {
      "title": "string",
      "status": "string"
    }
  ]
}

bad-request-error

{
  "errors": [
    {
      "title": "Bad Request",
      "status": "400"
    }
  ]
}

401

Unauthorized

application/json

Schema

Schema

errors Error[]required
Array [
title stringrequired
A brief summary of the error.
status stringrequired
The HTTP response code of the error.
]

Example (from schema)

{
  "errors": [
    {
      "title": "string",
      "status": "string"
    }
  ]
}

unauthorized-error

{
  "errors": [
    {
      "title": "Unauthorized",
      "status": "401"
    }
  ]
}

default

Internal server error.

application/json

Schema

Schema

errors Error[]required
Array [
title stringrequired
A brief summary of the error.
status stringrequired
The HTTP response code of the error.
]

Example (from schema)

{
  "errors": [
    {
      "title": "string",
      "status": "string"
    }
  ]
}

internal-server-error

Internal server error

{
  "errors": [
    {
      "title": "Internal Server Error",
      "status": "500",
      "detail": "there was a problem processing your request"
    }
  ]
}

Loading...