Generate an Account Management Authentication Token

POST 
https://useast.api.elasticpath.com/v2/account-members/tokens

Commerce provides authentication tokens for anyone using the Account Management APIs, including accounts and account members.

For each element in the list returned by the account member authentication API, a token value is returned. In order for a shopper to authenticate as the account, this value should be set as the EP-Account-Management-Authentication-Token header when calling Commerce. This header grants access to additional resources associated with the account, such as carts, orders, catalogs with associated rules, and addresses.

The set of permissions available to a shopper using an Account Management Authentication token is documented in Permissions

Commerce provides authentication tokens for an account and an account member using:

• OpenID Connect
• Username and password
• Self signup
• One-time password token
• Switch account token

Request

application/json

Body

data object required

oneOf

OpenIDConnectRequest

type stringrequired

Default value: account_management_authentication_token

Specifices the type of the object. You must use account_management_authentication_token.

authentication_mechanism stringrequired

Default value: oidc

Species the authentication mechanism. You must use oidc.

oauth_authorization_code stringrequired

Specifies the code returned from the OpenID Connect Provider authentication.

oauth_redirect_uri urirequired

Specifies the URL of the front-end that handles the callback of the token.

oauth_code_verifier stringrequired

Specifies the Proof Key for Code Exchange (PKCE) code verifier corresponding to the code challenge supplied to the authorization endpoint. For more information about code verifier and challenge, see Generating a Code Verifier and Challenge.

PasswordRequest

type stringrequired

Default value: account_management_authentication_token

Specifices the type of the object. You must use account_management_authentication_token.

authentication_mechanism stringrequired

Default value: password

Species the authentication mechanism. You must use password.

password_profile_id stringrequired

The password profile ID. For more information, see password profiles page.

username urirequired

The username.

password stringrequired

The password.

PasswordlessRequest

type stringrequired

Default value: account_management_authentication_token

Specifices the type of the object. You must use account_management_authentication_token.

authentication_mechanism stringrequired

Default value: passwordless

Species the authentication mechanism. You must use passwordless.

password_profile_id stringrequired

The password profile ID. For more information, see password profiles page.

username urirequired

The username.

one_time_password_token stringrequired

The one-time password token.

SelfSignupRequest

type stringrequired

Default value: account_management_authentication_token

Specifices the type of the object. You must use account_management_authentication_token.

authentication_mechanism stringrequired

Default value: self_signup

Species the authentication mechanism. You must use self_signup.

password_profile_id stringrequired

The password profile ID. For more information, see password profiles page.

username urirequired

The username.

password stringrequired

The password.

name urirequired

The name.

email stringrequired

The email.

SwitchingAccountRequest

type stringrequired

Default value: account_management_authentication_token

Specifices the type of the object. You must use account_management_authentication_token.

authentication_mechanism stringrequired

Default value: account_management_authentication_token

Species the authentication mechanism. You must use account_management_authentication_token.

Responses

201

Created

application/json

Schema

Schema

data AccountManagementAuthenticationTokenResponse[]
Array [
type string
Default value: account_management_authentication_token
Specifies the type of the object.
account_name string
The name of the account that this token grants access to.
account_id uuid
The ID of the account that this token grants access to.
token string
The JWT authentication token that the shopper uses as the EP-Account-Management-Authentication-Token header in all other endpoints.
expires date-time
The epoch time that this token expires at. The time is set to 24 hours after the token is generated.
]
meta object

page object

limit integer

The maximum number of records per page for this response. You can set this value up to 100.

current integer

The current page.

offset integer

The current offset by number of records, not pages. Offset is zero-based.

total integer

The total page count.

results object

total integer

The total number of results after applying filters, if any, or all results.

links object

current uri

Always the current page.

first uri

Always the first page.

last uri

Always null if there is only one page.

next string

Always null if there is only one page.

prev string

Always null if the user is on the first page.

Example (from schema)

{
  "data": [
    {
      "type": "account_management_authentication_token",
      "account_name": "acc-name-1",
      "account_id": "908f7849-60da-4e4a-a3b1-51d4cbe3b953",
      "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDIxLTAzLTE2VDE5OjM2OjExLjA3MFoiLCJpYXQiOiIyMDIxLTAzLTE1VDE5OjM2OjExLjA3MFoiLCJzY29wZSI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMyIsInN1YiI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMiJ9.ytQ3UutTl_RJ8NiB1xN29Ta23p-FXsYOhcUM7MUQ4CM",
      "expires": "2021-03-16T19:36:11.070Z"
    }
  ],
  "meta": {
    "page": {
      "limit": 25,
      "current": 0,
      "offset": 0,
      "total": 1
    },
    "results": {
      "total": 1
    }
  },
  "links": {
    "current": "https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25",
    "first": "https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25",
    "last": "https://useast.api.elasticpath.com/v2/account-members/tokens?page[offset]=0&page[limit]=25",
    "next": null,
    "prev": null
  }
}

401

Unauthorized

application/json

Schema

Schema

errors Error[]required
Array [
title stringrequired
A brief summary of the error.
status stringrequired
The HTTP response code of the error.
detail string
Optional additional detail about the error.
]

Example (from schema)

{
  "errors": [
    {
      "title": "string",
      "status": "string",
      "detail": "string"
    }
  ]
}

unauthorized-error

{
  "errors": [
    {
      "title": "Unauthorized",
      "status": "401"
    }
  ]
}

default

Internal server error.

application/json

Schema

Schema

errors Error[]required
Array [
title stringrequired
A brief summary of the error.
status stringrequired
The HTTP response code of the error.
detail string
Optional additional detail about the error.
]

Example (from schema)

{
  "errors": [
    {
      "title": "string",
      "status": "string",
      "detail": "string"
    }
  ]
}

internal-server-error

Internal server error

{
  "errors": [
    {
      "title": "Internal Server Error",
      "status": "500",
      "detail": "there was a problem processing your request"
    }
  ]
}

Authorization: http

name: BearerTokentype: httpscheme: bearer

• curl
• python
• go
• nodejs
• ruby
• csharp
• php
• java
• powershell

• CURL

curl -L -X POST 'https://useast.api.elasticpath.com/v2/account-members/tokens' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{
  "data": {
    "type": "account_management_authentication_token",
    "authentication_mechanism": "oidc",
    "oauth_authorization_code": "c2490f06-6d8e-4927-99aa-4bf02b419e96",
    "oauth_redirect_uri": "https://example-store.com/oauth2/callback",
    "oauth_code_verifier": "0E934PurR8ExVg6Pj7T4kQewxKzWSfSFG5d15FGfww8"
  }
}'

Request Collapse all

Base URL

https://useast.api.elasticpath.com

Auth

Bearer Token

Body

• Example (from schema)
• OpenID Connect
• Username and Password
• One-time Password Token
• Self Signup
• Switch account tokens

{
  "data": {
    "type": "account_management_authentication_token",
    "authentication_mechanism": "oidc",
    "oauth_authorization_code": "c2490f06-6d8e-4927-99aa-4bf02b419e96",
    "oauth_redirect_uri": "https://example-store.com/oauth2/callback",
    "oauth_code_verifier": "0E934PurR8ExVg6Pj7T4kQewxKzWSfSFG5d15FGfww8"
  }
}

ResponseClear

Click the Send API Request button above and see the response here!