Authentication (OAuth)
The Unicommerce works on OAuth 2.0 specification to make its exposed APIs secure. The user is expected to send a valid access token with each REST API request for authentication purpose. This page provides details on how a user can get this access token against valid user credentials from Uniware.
Tip
- Refer FAQs to know how to create user in Uniware and set its password, to get authentication, using this API.
- Ensure the user (using this API) is an Admin. Also, he needs access to the appropriate facility to do the necessary updates using the APIs specified here. Refer FAQs for procedure to check the admin access of the user and give facility access.
Basic Information
NAME | DETAILS |
---|---|
Endpoint: | /oauth/token |
Request Type: | GET |
Scheme: | HTTPS |
Header (Content-Type): | application/json |
Query Parameters
PARAMETERS | TYPE | DESCRIPTION | MANDATORY | NOTES |
---|---|---|---|---|
grant_type | string | “password” | Yes | - |
client_id | string | “my-trusted-client” | Yes | - |
username | string | uniware login username | Yes | - |
password | string | uniware login password | Yes | - |
Sample URL
https://{tenant}.unicommerce.com/oauth/token?grant_type=password&client_id=my-trusted-client&username=abc@xyz.com&password=uni@1234\
Response Payload
{
"access_token": "1211cf66-d9b3-498b-a8a4-04c76578b72e",
"token_type": "bearer",
"refresh_token": "18f96b68-bdf4-4c5f-93f2-16e2c6e674c6",
"expires_in": 41621
}
Response Payload Details
PARAMETERS | TYPE | DESCRIPTION | NOTES |
---|---|---|---|
access_token | string | Access token (expires after time given in expires_in) | Eg: “1211cf66-d9b3-498b-a8a4-04c76578b72e” |
token_type | string | “bearer” | - |
refresh_token | string | Refresh token (used to re-validate access_token) | - |
expires_in | integer | valid time of access_token in seconds | Eg: 41621 |
scope | string | “read trust write” | - |