Account Management API resources model the fundamental aspects of B2B ecommerce with each resource encapsulating a single part of the B2B ecommerce process. For example, Account Management API has resources for:
Resources are linked together with other related resources into workflows that can be used to perform an action. For example, the workflow to create a new associate for a buyer organization involves retrieving the organization, and then following the associates link to the associateform. Then “associateform” is used to create a new associate for that specific organization. By following these workflows, you can perform actions such as add an organization, add a division, perform a search and so on.
Account Management API authorization requires OpenID Connect with the OAuth 2.0 protocol. In order to authenticate to the Account Management API, the client must obtain an access token to be included in the HTTP request headers. For authorization to the Account Management API, a client is required to be authorized through OpenID Connect authentication, specific to the
Authorization Code Flow. For more details about
Authorization Code Flow and OAuth 2.0 please see:
Deploy and configure KeyCloak, an OpenID Connect provider. For KeyCloak deployment and configuration please see:
Authorization by access token
Authorization involves the client, an OpenID provider and the Account Management API. The client will handle several requests to obtain an access token that will be used to authorize the client to the Account Management API.
- The client redirects the user to the OpenID Connect provider
- The user authenticates with the OpenID Connect provider
- The user is redirected back to the client with the Authorization Code in the URL
- The client passes this Authorization Code back to the Account Management API (i.e.,
- The Account Management API will provide an access token which can be used in the HTTP Authorization request header in all subsequent requests
For detailed information on how to implement OpenID Connect for the OAuth 2.0 protocol, please see:
Adding the access token to request headers
The OAuth 2.0 access token returned from the previous series of requests is a bearer token that will be used with requests from the client to the Account Management API. The bearer token should be added to the HTTP request headers when making requests to the Account Management API Service.
Authorization: Bearer AbCdEf123456