/oauth20/tokenresource to generate either an anonymous or authenticated shopper token. You can also use it to refresh an access token. The requirements for the API depend on the type of application that invokes a request.
/oauth20/tokenresource generates an access token that you can use to access resources. A shopper can use an anonymous shopper token to anonymously shop for a product. You need an authenticated shopper token to retrieve authenticated shopper-specific details, such as address or payment details. This token only supports a public workflow.
externalReferenceIdin the request body.
refresh_token. They correspond to the session cookie and the browser cookie. You can save the
refresh_tokenin the application and use them in subsequent queries. The
access_tokenexpires after a specified interval (60 minutes by default in user session site settings in Digital River. The
refresh_tokenexpires after one year.
expires_inproperty is the time-to-live (TTL) value for the access token. You can refresh the access token at any time.
/oauth20/authorizeresource to authenticate a shopper and establish an authenticated shopper token. An authenticated shopper token allows an application to use all of the shoppers/me APIs. You must send a request to the
oauth20/authorizeresource that includes:
expires_inproperty is the TTL value for the access token. An application can store a valid access token and re-use it until it expires.
sessionTokenquery parameter or
dr_session_tokenform parameter, depending on the workflow.
sessionTokensite action with no API key
/authand provides their Global Commerce account credentials (username and password).
GET /oauth20/authorizeresource to initiate the creation of an authenticated shopper (full access) token. This resource will return a 302 response that you can use to direct the user to an IDP-hosted login page. After the shopper logs in successfully, control returns to your application through the use of the redirect URI query parameter, which contains a full access token parameter that you can use to make subsequent API calls.