Initiate an authenticated session

Learn how to initiate an authenticated session for a return.

Use the GET /oauth20/authorize to send the following request to create an authenticated shopper token to identify the shopper session:

curl --location --request POST '' \
--header 'authorization: Basic ***\

Include your base64-encoded API key and secret in the request header. Include grant_type=client_credentials and the externalReferenceId in the request body. This Token API identifies a shopper session. A token consists of the access_token and the refresh_token. They correspond to the session cookie and the cookie in the browser. You can save the access_token and refresh_token in the application and use them in subsequent queries. The access_token expires after a specified interval (60 minutes by default in user session site settings in Global Commerce). The refresh_token expires after one year.

The expires_in property is the time-to-live (TTL) value for the access token. You can refresh the access token at any time.

Last updated