Authentication

Before you can use the API, you need to authenticate. The API uses the OAuth 2.0 standard to authenticate users. In short, OAuth 2.0 requires you to obtain an access token which you will have to include in every subsequent request so the server can confirm your identity.

Obtain an access token

OAuth 2.0 defines various ways that users can authenticate, so-called application grant types. The Admin API supports two grant types or -flows:

Client Credentials Grant
Resource Owner Password Grant
(Refresh Token Grant)

Not sure which grant type to use?

In order to obtain an access token, perform one of the following requests

Passing the access token

Once you've obtained an access token, simply provide it in your requests Authorization header as as a Bearer token:

yaml

// GET /api/v3/product/b7d2554b0ce847cd82f3ac9bd1c0dfad

Host: shop.example.com
Content-Type: application/json
Authorization: Bearer eyJ0....

Catalog

Checkout

Content

Architecture

Infrastructure

Installation & Updates

Deployments

Performance

Admin API Guide

Writing entities

General Concepts

Store API Guide

Apps

Administration

Local development

Themes

Plugins

Administration

Checkout

Cart

Document

Order

Payment

Content

CMS

Mail

Framework

Custom Fields

Data Handling / DataAbstractionLayer

Event

Message Queue

Rule

Store API

Storefront

Testing

Plugin fundamentals

Enterprise Edition

Search

Migration Assistant

Concept

Guides

Code

Documentation

Testing

Administration Reference

API Reference

Store API Reference

App Reference

Config Reference

Server

Core Reference

Administration Reference

DAL Reference

Storefront Reference

Testing Reference

Authentication

Authentication ​

Obtain an access token ​

Passing the access token ​

Authentication

Obtain an access token

Passing the access token