OAuth Service

Download OpenAPI specification:Download

The OAuth Service allows you to generate the following token types:

Token type Description
Anonymous token Used by the storefront to access public resources with a reading scope. It allows customers to browse products, view prices or add products to cart.

The anonymous token is not associated with any customer.
SaaS (customer) token A JSON Web Token (JWT) which contains encrypted customer data.

The SaaS token works similarly to the anonymous token, but it is associated with a specific customer.
Refresh token Used to refresh the customer access token.
Service access token Needed to access the Emporix services such as adding new products, managing categories or modifying prices.

Customer Token

Requesting a customer token

Logs in a customer and sends an authentication request. Returns two customer tokens: * Customer access token. * Customer SaaS token.

Request
path Parameters
tenant
required
string

Name of the tenant.

Note: Name of the tenant is always written in lowercase.

Example: {tenant}
header Parameters
Authorization
required
string

Anonymous customer's access token.

Example: Bearer {anonymous_access_token}
Content-Type
required
string
Example: "application/json"
Request Body schema: application/json
email
required
string <email> non-empty
password
required
string >= 6 characters
Responses
200

The request was successful. A customer token is returned.

post/customer/{tenant}/login
Request samples
application/json
{
  • "email": "customer@emporix.com",
  • "password": "Qwurmdch673;'"
}
Response samples
application/json
{
  • "accessToken": "CZXFASGEG@!@$!24fasASDF",
  • "saasToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIAFAFGVZE!@£$FSDVZERTNX0.BK1_F8aRMnnNN6y2Q6TVa4x_Knj3-Qojy4QsPNkHcz8",
  • "expiresIn": 14399,
  • "refreshToken": "QBeG0XJfRqElE67U4tHJAQWrtfas1VR5eg",
  • "refreshTokenExpiresIn": 86399
}

Refresh Token

Requesting a refresh token

Sends an authentication request and returns a refresh token.

Note: Refresh token is used to refresh a customer token. We do not support refresh tokens for other token types.

Request
path Parameters
tenant
required
string

Name of the tenant.

Note: Name of the tenant is always written in lowercase.

Example: {tenant}
query Parameters
refreshToken
required
string

Customer's refresh token generated when the customer token is created.

Example: refreshToken={customer_refresh_token}
header Parameters
Authorization
required
string

Customer's access token generated when the customer token is created.

Example: Bearer {customer_access_token}
Responses
200

The request was successful. A refresh token is returned.

get/customer/{tenant}/refreshauthtoken
Request samples
Response samples
application/json
{
  • "token_type": "Bearer",
  • "access_token": "5UvjlVEsU6G1NTuitcfkNBlAzUn8",
  • "expires_in": 1799,
  • "refresh_token_expires_in": 86326,
  • "refresh_token": "xIMsJmuyyltCWYD7uftonNeBtSAQMldH",
  • "scope": "tenant={tenant}"
}

Refreshing an anonymous token

Sends an authentication request and returns new anonymous token with same session ID attached.

This operation causes update of a session-context document with given session ID.

Anonymous token is valid for one hour. After that time, another refresh anonymous token request should be sent.

Request
query Parameters
tenant
required
string

Name of the tenant.

Note: Name of the tenant is always written in lowercase.

Example: tenant={tenant}
anonymous_token
required
string

Anonymous token that needs to be refreshed. The same session ID will be kept.

Example: anonymous_token={GOToGKaEKFyR8DokPBwHH0Y3AKCo}
client_id
required
string

Your Emporix API key - client ID.

Example: client_id={client_id}
Responses
200

The request was successful. An anonymous token is returned.

get/customerlogin/auth/anonymous/refresh
Request samples
Response samples
application/json
{
  • "token_type": "Bearer",
  • "access_token": "Zq91ySuLxLIzQ0vd0QxiC7imAIHi",
  • "expires_in": 3599,
  • "sessionId": "5b7ae416-5d88-4dd9-bbe9-6b262f45b4e8",
  • "scope": "tenant={tenant}"
}

Anonymous Token

Requesting an anonymous token

Sends an authentication request and returns an anonymous token. This operation causes creation of a new session-context document.

Anonymous token is valid for one hour. After that time it should be refreshed in order to keep the same session ID associated.

Request
query Parameters
tenant
required
string

Name of the tenant.

Note: Name of the tenant is always written in lowercase.

Example: tenant={tenant}
client_id
required
string

Your Emporix API key - client ID.

Example: client_id={client_id}
Responses
200

The request was successful. An anonymous token is returned.

get/customerlogin/auth/anonymous/login
Request samples
Response samples
application/json
{
  • "token_type": "Bearer",
  • "access_token": "Zq91ySuLxLIzQ0vd0QxiC7imAIHi",
  • "expires_in": 3599,
  • "sessionId": "5b7ae416-5d88-4dd9-bbe9-6b262f45b4e8",
  • "scope": "tenant={tenant}"
}

Service Access Token

Requesting a service access token

Sends an authentication request and returns a service access token.

Note: We do not support refresh tokens for service access tokens. In case your service access token expires, you need to send a new authentication request.

Grant type parameter is always client_credentials.

Request
header Parameters
Content-Type
required
string
Example:
Request Body schema: application/x-www-form-urlencoded
grant_type
string
client_id
string
client_secret
string
scope
string
Responses
200

The request was successful. A service access token is returned.

post/oauth/token
Request samples
application/x-www-form-urlencoded
client_id=%7Bclient_id%7D&client_secret=%7Bclient_secret%7D&grant_type=client_credentials&scope=tenant%3D%7Btenant%7D%20...
Response samples
application/json
{
  • "refresh_token_expires_in": 0,
  • "refresh_token": "",
  • "session_idle_time": 120,
  • "token_type": "Bearer",
  • "access_token": "vkFuQ6oTwj8_Ye4eiRSsqMeqLYNeQRJi",
  • "expires_in": 14399,
  • "scope": "tenant={tenant} ..."
}