Create an Access Token
POST/oauth/access_token
Client Credentials
A client_credentials
token is used when the credentials are not publicly exposed, usually a server-side language such as PHP or Node.js. This type of authentication enables CRUD
access to all resources.
client_id
and client_secret
are created and managed via Application Keys.
To see the access granted by a client_credentials
token, refer to Permissions.
Implicit
An implicit
token is typically used for situations where you are requesting data on the client side and you are exposing your public key. When authenticated implicitly, you can only fetch (GET
) data with live status (products, categories, brands, etc).
The implicit
token is most appropriate for use inside client-side applications, such as JavaScript.
An implicit
token can be thought of as a Read only token.
Request
- application/x-www-form-urlencoded
Body
The grant type, choices are client_credentials
or implicit
Your client_id
Your client_secret
. Only required for client credentials.
Responses
- 200
- 400
- 401
- default
OK
- application/json
- Schema
- Example (from schema)
- client_credentials
- implicit
Schema
data Bearer
The access token you use for subsequent authenticated requests to the API.
Right now this is only Bearer
.
The type of token requested. This can be a client_credentials
or implicit
.
The duration in seconds after which the token expires.
The epoch time that this token expires at.
{
"data": {
"access_token": "string",
"token_type": "string",
"identifier": "string",
"expires_in": 0,
"expires": 0
}
}
Client Credentials
{
"data": {
"access_token": "xa3521ca621113e44eeed9232fa3e54571cb08bc",
"token_type": "Bearer",
"expires_in": 3600,
"expires": 1524486008,
"identifier": "client_credentials"
}
}
Implicit
{
"data": {
"access_token": "xa3521ca621113e44eeed9232fa3e54571cb08bc",
"token_type": "Bearer",
"expires_in": 3600,
"expires": 1524486008,
"identifier": "implicit"
}
}
Bad Request
- application/json
- Schema
- Example (from schema)
- bad-request-error
Schema
- Array [
- ]
errors Error[]required
A brief summary of the error.
The HTTP response code of the error.
{
"errors": [
{
"title": "string",
"status": "string"
}
]
}
{
"errors": [
{
"title": "Bad Request",
"status": "400"
}
]
}
Unauthorized
- application/json
- Schema
- Example (from schema)
- unauthorized-error
Schema
- Array [
- ]
errors Error[]required
A brief summary of the error.
The HTTP response code of the error.
{
"errors": [
{
"title": "string",
"status": "string"
}
]
}
{
"errors": [
{
"title": "Unauthorized",
"status": "401"
}
]
}
Internal server error.
- application/json
- Schema
- Example (from schema)
- internal-server-error
Schema
- Array [
- ]
errors Error[]required
A brief summary of the error.
The HTTP response code of the error.
{
"errors": [
{
"title": "string",
"status": "string"
}
]
}
Internal server error
{
"errors": [
{
"title": "Internal Server Error",
"status": "500",
"detail": "there was a problem processing your request"
}
]
}