OAuth 2.0
ShopperToken authentication follows the authorization code grant flow, as defined by the OAuth 2.1 standard. Depending on the type of OAuth client (public or private), this authorization flow has further requirements. For a detailed description of the authorization flow, see the SLAS overview.
A shopper token allows you to access the Shopper API endpoints of both OCAPI and the B2C Commerce API. These endpoints can be used to build headless storefronts and other applications.
The ShopperToken security scheme is a parent of other security schemes, such as ShopperTokenTsob. A Shopper API endpoint can require a specific child scheme (ShopperTokenTsob, for example) that cannot be accessed with a regular shopper token.
Settings
Authorization grants
- authorization_code
- client_credentials
Access token URI
https://{short-code}.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/{organizationId}/oauth2/token
Authorization URI
https://{short-code}.api.commercecloud.salesforce.com/shopper/auth/v1/organizations/{organizationId}/oauth2/authorize
Bearer token
Bearer b325e95c-2cd7-11e5-b345-feff819cdc9f
Responses
Unauthorized. Your access token is invalid or expired and can’t be used to identify a user.
{
"type": "https://api.commercecloud.salesforce.com/documentation/error/v1/errors/unauthorized",
"title": "Unauthorized",
"detail": "Your access token is invalid or expired and can’t be used to identify a user."
}
WWW-Authenticate: Bearer realm="servers",
error="invalid_token",
error_description="The token expired"
A URI reference [RFC3986] that identifies the problem type. This specification encourages that, when dereferenced, it provide human-readable documentation for the problem type (e.g., using HTML [W3C.REC-html5-20141028]). When this member is not present, its value is assumed to be "about:blank". It accepts relative URIs; this means that they must be resolved relative to the document's base URI, as per [RFC3986], Section 5.
https://example.com/probs/out-of-credit
A short, human-readable summary of the problem type. It will not change from occurrence to occurrence of the problem, except for purposes of localization.
You do not have enough credit.
A human-readable explanation specific to this occurrence of the problem.
Your current balance is 30, but that costs 50.
A URI reference that identifies the specific occurrence of the problem. It may or may not yield further information if dereferenced. It accepts relative URIs; this means that they must be resolved relative to the document's base URI, as per [RFC3986], Section 5.
/account/12345/msgs/abc
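A client-side handler for the Unauthorized response described above, as an added example that is not Salesforce code. It parses the Bearer challenge in WWW-Authenticate and goes slightly beyond the page by also handling a challenge with no error code, per RFC 6750; the function names and action labels are hypothetical.

```javascript
// Added example (not Salesforce code). Function names and action labels are hypothetical.
const UNAUTHORIZED_TYPE =
  "https://api.commercecloud.salesforce.com/documentation/error/v1/errors/unauthorized";

// Parse the auth-params of a Bearer challenge (RFC 6750). Returns null for other schemes.
function parseBearerChallenge(headerValue) {
  if (typeof headerValue !== "string") return null;
  const scheme = /^\s*Bearer(?:\s+|$)/i.exec(headerValue);
  if (!scheme) return null;
  const params = {};
  // name=token or name="quoted string"; quoted values may contain commas and escapes.
  const re = /([A-Za-z0-9_-]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,"]+))/g;
  const rest = headerValue.slice(scheme[0].length);
  let m;
  while ((m = re.exec(rest)) !== null) {
    params[m[1].toLowerCase()] = m[2] !== undefined ? m[2].replace(/\\(.)/g, "$1") : m[3];
  }
  return params;
}

// Decide what the client should do with a response. The body is untrusted input:
// it is parsed defensively and only used for diagnostics, never to pick the action.
function classifyUnauthorized(status, wwwAuthenticate, bodyText) {
  if (status !== 401) return { action: "none" };
  const challenge = parseBearerChallenge(wwwAuthenticate);
  let problem = {};
  try { problem = JSON.parse(bodyText) || {}; } catch (_) { /* not JSON */ }
  const knownType = problem.type === UNAUTHORIZED_TYPE;
  if (challenge && challenge.error === "invalid_token") {
    // Drop the cached token and request a new one from the access token URI.
    // The caller should retry the original request once, not loop.
    return { action: "reacquire_token", reason: challenge.error_description || "", knownType };
  }
  if (challenge && !challenge.error) {
    // RFC 6750: a challenge for a request without credentials should carry no error code.
    return { action: "authenticate", reason: "", knownType };
  }
  return { action: "fail", reason: "", knownType };
}

// The 401 response shown above, with the folded header kept as on the page.
const SAMPLE_HEADER = 'Bearer realm="servers",\n error="invalid_token",\n error_description="The token expired"';
const SAMPLE_BODY = JSON.stringify({ type: UNAUTHORIZED_TYPE, title: "Unauthorized",
  detail: "Your access token is invalid or expired and can’t be used to identify a user." });
console.log(classifyUnauthorized(401, SAMPLE_HEADER, SAMPLE_BODY));
```

Log the returned reason and knownType, not the Authorization header or the token itself.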