Account Member Authentication (Beta)
important
Beta features are not certified for use in a production environment. For more information, see the Beta APIs section.
Elastic Path provides authentication tokens for an account and an account member.
The Account Management Authentication Token Object
| Attribute | Type | Description |
|---|---|---|
account_name | string | The name of the account that this token grants access to. |
account_id | string | The account id of the account that this token grants access to. |
token | string | The JWT authentication token that you can use in other endpoints. |
type | string | The type of the object returned. |
expires | timestamp | The epoch time at which the token expires, which is 24 hours after creating the token. |
{
"data":
{
"account_name": "acc-name-1",
"account_id": "9e227208-b592-49c0-8c8f-043b66c634b0",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDIxLTAzLTE2VDE5OjM2OjExLjA3MFoiLCJpYXQiOiIyMDIxLTAzLTE1VDE5OjM2OjExLjA3MFoiLCJzY29wZSI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMyIsInN1YiI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMiJ9.ytQ3UutTl_RJ8NiB1xN29Ta23p-FXsYOhcUM7MUQ4CM",
"type": "account_management_authentication_token",
"expires": "2021-03-16T19:36:11.070Z"
}
}
POST Generate an Account Management Authentication Token
https://api.moltin.com/v2/account-members/tokens
Using OpenID Connect
Headers:
| Name | Required | Type | Description |
|---|---|---|---|
Authorization | Required | string | The Bearer token required to get access to the API. |
EP-Beta-Features | Required | string | The Beta Header required to use the Beta APIs. For this API, the header must contain account-management. |
Body:
| Name | Required | Type | Description |
|---|---|---|---|
type | Required | string | Specifies the type of the object. You must use account_management_authentication_token. |
authentication_mechanism | Required | string | Specifies the authentication mechanism. For an OpenID Connect login, you must use oidc. |
oauth_authorization_code | Required | string | The code returned from the OpenID Connect Provider authentication. |
oauth_redirect_uri | Required | string | The URL of the front-end that handles the callback of the token. |
oauth_code_verifier | Required | string | The Proof Key for Code Exchange (PKCE) code verifier corresponding to the code challenge supplied to the authorization endpoint. For more information about code verifier and challenge, see the Generating a Code Verifier and Challenge section. |
201 Created
{
"meta": {
"page": {
"limit": 20,
"offset": 0,
"current": 1,
"total": 1
},
"results": {
"total": 2
}
},
"data": [
{
"account_name": "acc-name-1",
"account_id": "9e227208-b592-49c0-8c8f-043b66c634b0",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDIxLTAzLTE2VDE5OjM2OjExLjA3MFoiLCJpYXQiOiIyMDIxLTAzLTE1VDE5OjM2OjExLjA3MFoiLCJzY29wZSI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMyIsInN1YiI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMiJ9.ytQ3UutTl_RJ8NiB1xN29Ta23p-FXsYOhcUM7MUQ4CM",
"type": "account_management_authentication_token",
"expires": "2021-03-16T19:36:11.070Z"
},
{
"account_name": "acc-name-2",
"account_id": "87acbe78-921f-4a25-84db-09dc276754ba",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MTU5MTg3NTksImlhdCI6MTYxNTkxODc0NCwic2NvcGUiOiI5N2FjYmU3OC05MjFmLTRhMjUtODRkYi0wOWRjMjc2NzU0YmEiLCJzdWIiOiI5N2FjYmU3OC05MjFmLTRhMjUtODRkYi0wOWRjMjc2NzU0YmEifQ.NphZBSWYxfl3-odXOxD0l6Zj7E9HxOG7qp34Sizm0WU",
"type": "account_management_authentication_token",
"expires": "2021-03-16T18:19:19.070Z"
}
],
"links": {
"current": "https://api.moltin.com/v2/account-members/tokens?page[offset]=0&page[limit]=20",
"first": "https://api.moltin.com/v2/account-members/tokens?page[offset]=0&page[limit]=20",
"last": "https://api.moltin.com/v2/account-members/tokens?page[offset]=0&page[limit]=20",
"next": "null",
"prev": "null"
}
}
curl -X POST https://api.moltin.com/v2/account-members/tokens \
-H "Authorization: Bearer XXXX" \
-H "EP-Beta-Features: account-management" \
-H "Content-Type: application/json" \
-d $'{
"data":{
"type": "token",
"authentication_mechanism": "oidc",
"oauth_authorization_code": "c2490f06-6d8e-4927-99aa-4bf02b419e96",
"oauth_redirect_uri": "https://example-store.com/oauth2/callback",
"oauth_code_verifier": "0E934PurR8ExVg6Pj7T4kQewxKzWSfSFG5d15FGfww8"
}
}'
Switching Accounts
Headers:
| Name | Required | Type | Description |
|---|---|---|---|
Authorization | Required | string | The Bearer token required to get access to the API. |
EP-Account-Management-Authentication-Token | Required | string | A previously issued account management authentication token. |
EP-Beta-Features | Required | string | The Beta Header required to use the Beta APIs. For this API, the header must contain account-management. |
Body:
| Name | Required | Type | Description |
|---|---|---|---|
type | Required | string | Specifies the type of the object. You must use account_management_authentication_token. |
authentication_mechanism | Required | string | Specifies the authentication mechanism. You must use account_management_authentication_token. |
201 Created
{
"meta": {
"page": {
"limit": 20,
"offset": 0,
"current": 1,
"total": 1
},
"results": {
"total": 2
}
},
"data": [
{
"account_name": "acc-name-1",
"account_id": "9e227208-b592-49c0-8c8f-043b66c634b0",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDIxLTAzLTE2VDE5OjM2OjExLjA3MFoiLCJpYXQiOiIyMDIxLTAzLTE1VDE5OjM2OjExLjA3MFoiLCJzY29wZSI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMyIsInN1YiI6IjFjNDVlNGVjLTI2ZTAtNDA0My04NmU0LWMxNWI5Y2Y5ODVhMiJ9.ytQ3UutTl_RJ8NiB1xN29Ta23p-FXsYOhcUM7MUQ4CM",
"type": "account_management_authentication_token",
"expires": "2021-03-16T19:36:11.070Z"
},
{
"account_name": "acc-name-2",
"account_id": "87acbe78-921f-4a25-84db-09dc276754ba",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MTU5MTg3NTksImlhdCI6MTYxNTkxODc0NCwic2NvcGUiOiI5N2FjYmU3OC05MjFmLTRhMjUtODRkYi0wOWRjMjc2NzU0YmEiLCJzdWIiOiI5N2FjYmU3OC05MjFmLTRhMjUtODRkYi0wOWRjMjc2NzU0YmEifQ.NphZBSWYxfl3-odXOxD0l6Zj7E9HxOG7qp34Sizm0WU",
"type": "account_management_authentication_token",
"expires": "2021-03-16T18:19:19.070Z"
}
],
"links": {
"current": "https://api.moltin.com/v2/account-members/tokens?page[offset]=0&page[limit]=20",
"first": "https://api.moltin.com/v2/account-members/tokens?page[offset]=0&page[limit]=20",
"last": "https://api.moltin.com/v2/account-members/tokens?page[offset]=0&page[limit]=20",
"next": "null",
"prev": "null"
}
}
curl -X POST https://api.moltin.com/v2/account-members/tokens/ \
-H "Authorization: Bearer XXXX" \
-H "EP-Beta-Features: account-management" \
-H "Content-Type: application/json" \
-d $'{
"data": {
"type": "account_management_authentication_token",
"authentication_mechanism": "account_management_authentication_token"
}
}'
Using a token
Use the token value to implicitly read, create, or update the resources that are linked to the selected account and account members. For each element in the list returned by the account member authentication API, a token value is returned. You can use these tokens as the value to the EP-Account-Management-Authentication-Token header with the following endpoint: