Session-aware access tokens
Learn how to create session-aware access tokens.
The session-aware access token links a Global Commerce shopper session to an access token as well as provide the ability to continue a shopper workflow with a previously established shopper session.
To create a session-aware access token, use the sessionToken
query parameter or dr_session_token
form parameter, depending on the workflow.
You must provide a session-aware token when transitioning a shopper from a 3rd-party application to a Digital River-hosted checkout experience to complete an online purchase.
You can create a session-aware token by either sending a browser call or a request to the Token endpoint in either the Shopper API or the OAuth API.
If you provide a session token when generating an access token, the system creates a new shopper session.
You can choose one of the following options to create a session-aware access token:
Creating an anonymous shopper token for a site with an API key
Establish an anonymous shopper (limited access) token in a single call by passing in your API key to the sessionToken
site action.
You must include the sessionToken
site action. The sessionToken
site action MUST come from the client side (the shopper's browser). You can do this via ajax and as shown in the following example.
Creating an anonymous shopper token for a site via OAuth 2.0
This example requires two calls; one to get the session token, and another to create the access token.
Step 1: Get a dr_session_token from the sessionToken
site action with no API key
sessionToken
site action with no API keyYou must include the sessionToken
site action and it MUST come from the client side (the shopper's browser). You can do this via ajax, as shown in the following example.
Step 2: POST the dr_session_token to the oauth20 resource, to get an anonymous shopper token.
The time-to-live (TTL) value for expires_in
respects the user session site settings in Global Commerce. In this example, the token for the site expires in 86397 seconds (24 hours).
Last updated