Download OpenAPI specification:Download
The OAuth Service allows you to generate the following token types:
Token type | Description |
---|---|
Anonymous token | Used by the storefront to access public resources with a reading scope. It allows customers to browse products, view prices or add products to cart. The anonymous token is not associated with any customer. |
SaaS (customer) token | A JSON Web Token (JWT) which contains encrypted customer data. The SaaS token works similarly to the anonymous token, but it is associated with a specific customer. |
Service access token | Needed to access the Emporix services such as adding new products, managing categories or modifying prices. |
Sends an authentication request and returns a refresh token.
The request was successful. A refresh token is returned.
{- "token_type": "Bearer",
- "access_token": "5UvjlVEsU6G1NTuitcfkNBlAzUn8",
- "expires_in": 1799,
- "refresh_token_expires_in": 86326,
- "refresh_token": "xIMsJmuyyltCWYD7uftonNeBtSAQMldH",
- "scope": "tenant={tenant}"
}
Checks whether a token is valid. If the token is invalid, it returns a 401 status code. If the token is valid, it provides the token details.
The request was successful. A token details are returned.
Unauthorized
{- "token_type": "Bearer",
- "expires_in": 2591974,
- "scope": "approval.approval_read_own customermanagement.legalentity_read_own customer.customer_read_own quote.quote_read_own returns.returns_read_own iam.scope_read_own iam.user_read_own customersegment.segment_read_own iam.group_read_own order.order_readascustomer coupon.coupon_redeem customer.customerprofile_edit quote.quote_manage_own returns.returns_manage_own customer.customer_manage_own approval.approval_manage_own order.order_updateascustomer iam.assignment_delete_own customer.consent_view customer.customerprofile_view order.history_view iam.assignment_create_own customer.consent_manage tenant=test",
- "sessionId": "415c340b-5996-4112-bb3b-38139a409f93"
}
Sends an authentication request and returns an anonymous token. This operation causes creation of a new session-context document.
Anonymous token is valid for one hour. After that time it should be refreshed in order to keep the same session ID associated.
The request was successful. An anonymous token is returned.
{- "token_type": "Bearer",
- "access_token": "tpYgJPZqddEQ2zwfzNtx79noBP65",
- "expires_in": 3599,
- "refresh_token": "7FnviYrxvQWYdzUVBVTvXeNAA4Jy1HPe",
- "refresh_token_expires_in": 86399,
- "sessionId": "6d4d4d5e-04b9-40c5-9074-4df1405c6081",
- "scope": "tenant={tenant}"
}
Sends an authentication request and returns new anonymous token with same session ID attached.
This operation causes update of a session-context document with given session ID.
Anonymous token is valid for one hour. After that time, another refresh anonymous token request should be sent.
The request was successful. An anonymous token is returned.
{- "token_type": "Bearer",
- "access_token": "tpYgJPZqddEQ2zwfzNtx79noBP65",
- "expires_in": 3599,
- "refresh_token": "7FnviYrxvQWYdzUVBVTvXeNAA4Jy1HPe",
- "refresh_token_expires_in": 86399,
- "sessionId": "6d4d4d5e-04b9-40c5-9074-4df1405c6081",
- "scope": "tenant={tenant}"
}
Sends an authentication request and returns a service access token.
Note: We do not support refresh tokens for service access tokens. In case your service access token expires, you need to send a new authentication request.
Grant type parameter is always client_credentials
.
The request was successful. A service access token is returned.
client_id=%7Bclient_id%7D&client_secret=%7Bclient_secret%7D&grant_type=client_credentials&scope=tenant%3D%7Btenant%7D%20...
{- "refresh_token_expires_in": 0,
- "refresh_token": "",
- "session_idle_time": 120,
- "token_type": "Bearer",
- "access_token": "vkFuQ6oTwj8_Ye4eiRSsqMeqLYNeQRJi",
- "expires_in": 14399,
- "scope": "tenant={tenant} ..."
}