Authentication API
Author: Fluent Commerce
Changed on: 5 July 2024
Overview
APIs use authorization to ensure that client requests access data securely. This can involve authenticating the sender of a request and verifying that they have permission to access or manipulate the relevant data. The request below returns a bearer token. This token is then sent in the header of subsequent API calls to authenticate them.
Property | Value |
URL | |
Methods | |
Scheme | |
Permissions | |
Content-Type | |
Operations
[POST] /oauth/token?{API Credentials} Authentication Endpoint
This endpoint uses the provided username, password, client ID & client secret to generate an authentication token.
Parameters
API Credentials
The customer/partner will receive an email from Fluent Commerce that will contain the following information:
Name | Default Value | Multiple? | Description |
API Key | | ❌ | This API key is to be used in the Store Locator and other JavaScript widgets |
API Client ID and secret | | ❌ | The API Client grants the retailer access to the content via the Fluent REST API. Each retailer will have one API Client |
User account details | | ✅ | These are the details that the user needs to access APIs and Fluent Commerce apps such as the Fluent Console and ServicePoint Instore App. An API Client can have multiple users, e.g., for different applications that require different levels of API access. |
Responses
Response Content Type:
`application/json`
Code | Description |
200 | Successful Operation |
400 | Client Error - Bad Request |
401 | Authorization Error - Invalid Bearer Token / No permission |
403 | Authorization Error - Forbidden |
404 | Client Error - Not Found |
500 | Server Error |
Example Request:
`https://ACCOUNT.sandbox.api.fluentretail.com/oauth/token?username=fluent-api&password=fluent-staging&scope=api&client_id=fluent-api&client_secret=ca5ce9a8-2f2e-4b4a-b8da-767f79fc81a9&grant_type=password`
Example Success Response:
```json
{
  "access_token": "cf02e220-86ea-408d-9b80-fb55f517725b",
  "token_type": "bearer",
  "expires_in": 86386,
  "scope": "api",
  "Retailer_id": 1,
  "FirstName": "Fluent",
  "LastName": "Retail",
  "Roles": []
}
```
Example Error Response:
```json
{
  "errors": [
    {
      "code": "400",
      "message": {
        "error": "invalid_grant",
        "error_description": "Bad credentials"
      }
    }
  ]
}
```
Models
Response Model
Key | Type | Mandatory? | Possible Values | Constraints | Description |
access_token | String | ✅ | | | The access token string as issued by the authorization server |
token_type | String | ✅ | | | The type of token. This will typically be the string “bearer” |
expires_in | Integer | ❌ | | | If the access token expires, this field will return a value in seconds until the token expires |
scope | String | ❌ | | | |
Retailer_id | Integer | ❌ | | | This is a unique ID associated with the retailer |
Roles | [String] | ❌ | | | An array of the Roles associated with the returned token |
FirstName | String | ❌ | | | The first name of the user account that requested the token |
LastName | String | ❌ | | | The last name of the user account that requested the token |
Error Model
Key | Type | Possible Values | Description |
errors | Array | | List of errors |
code | String | 400, 401, 403, 404, 500 | error code |
message | String | | description of the error |
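The documented request carries `password` and `client_secret` in the query string, so the following Python code masks them before the URL is written to a log and checks a response body against the Response and Error models above. It is an added example, not Fluent Commerce code; the `Authorization: Bearer` header format, the 60-second expiry margin, the function names and all sample values are assumptions.

```python
import json
import time
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Query parameters of the documented request that carry secrets.
SECRET_PARAMS = {"password", "client_secret"}

# Constructed sample data (placeholder credentials, not real ones).
SAMPLE_URL = ("https://ACCOUNT.sandbox.api.fluentretail.com/oauth/token"
              "?username=example-user&password=example-pass&scope=api"
              "&client_id=example-client&client_secret=example-secret"
              "&grant_type=password")
SAMPLE_OK = '{"access_token": "example-token", "token_type": "bearer", "expires_in": 86386}'
SAMPLE_ERR = ('{"errors": [{"code": "400", "message": {"error": "invalid_grant",'
              ' "error_description": "Bad credentials"}}]}')

class TokenError(Exception):
    """The body matched the Error Model or failed Response Model checks."""

def redact_url(url):
    """Mask secret query parameters so the request URL is safe to log."""
    parts = urlsplit(url)
    query = [(k, "REDACTED" if k in SECRET_PARAMS else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))

def parse_token_response(body, now=None):
    """Check a /oauth/token body against the models; return token + expiry."""
    data = json.loads(body)
    if "errors" in data:
        first = (data["errors"] or [{}])[0]
        raise TokenError(f"{first.get('code')}: {first.get('message')}")
    for key in ("access_token", "token_type"):  # the two mandatory keys
        if not isinstance(data.get(key), str) or not data[key]:
            raise TokenError(f"missing mandatory field {key!r}")
    now = time.time() if now is None else now
    expires_in = data.get("expires_in")  # optional, seconds until expiry
    expires_at = None if expires_in is None else now + int(expires_in)
    return {"access_token": data["access_token"], "expires_at": expires_at}

def auth_header(token, now=None, margin=60):
    """Build the header for later calls; refuse a token about to expire."""
    now = time.time() if now is None else now
    if token["expires_at"] is not None and now >= token["expires_at"] - margin:
        raise TokenError("token expired or about to expire; request a new one")
    return {"Authorization": f"Bearer {token['access_token']}"}  # assumed format
```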