Create an Access Token

POST /oauth/access_token

Client Credentials

A client_credentials token is used when the credentials are not publicly exposed, usually a server-side language such as PHP or Node.js. This type of authentication enables CRUD access to all resources.

client_id and client_secret are created and managed via Application Keys.

To see the access granted by a client_credentials token, refer to Permissions.

Implicit

An implicit token is typically used for situations where you are requesting data on the client side and you are exposing your public key. When authenticated implicitly, you can only fetch (GET) data with live status (products, categories, brands, etc).

The implicit token is most appropriate for use inside client-side applications, such as JavaScript.

caution

An implicit token can be thought of as a Read only token.

Request

application/x-www-form-urlencoded

Body

grant_type stringrequired

The grant type, choices are client_credentials or implicit

client_id stringrequired

Your client_id

client_secret string

Only required for client credentials.

Responses

application/json

Schema
Example (from schema)

Schema

expires integer

identifier string

expires_in integer

access_token string

token_type string

{
  "expires": 0,
  "identifier": "string",
  "expires_in": 0,
  "access_token": "string",
  "token_type": "string"
}

Create an Access Token

/oauth/access_token

Client Credentials​

Implicit​

Request​

Body

Responses​

Client Credentials

Implicit

Request

Responses