Authentication (OAuth)
The Unicommerce works on OAuth 2.0 specification to make its exposed APIs secure. The user is expected to send a valid access token with each REST API request for authentication purpose. This page provides details on how a user can get this access token against valid user credentials from Uniware.
Flow
Tip
Complete integration flow is available on Basic Overview page.
Basic Information
NAME | DETAILS |
---|---|
Endpoint: | /oauth/token |
Request Type: | GET |
Scheme: | HTTPS |
Header (Content-Type): | application/json |
Query Parameters
PARAMETERS | TYPE | DESCRIPTION | MANDATORY | NOTES |
---|---|---|---|---|
grant_type | string | “password” | Yes | - |
client_id | string | “my-trusted-client” | Yes | - |
username | string | uniware login username | Yes | - |
password | string | uniware login password | Yes | - |
Sample URL
https://{tenant}.unicommerce.com/oauth/token?grant_type=password&client_id=my-trusted-client&username=abc@xyz.com&password=uni@1234\
Response Payload
{
"access_token": "1211cf66-d9b3-498b-a8a4-04c76578b72e",
"token_type": "bearer",
"refresh_token": "18f96b68-bdf4-4c5f-93f2-16e2c6e674c6",
"expires_in": 41621
}
Response Payload Details
PARAMETERS | TYPE | DESCRIPTION | NOTES |
---|---|---|---|
access_token | string | Access token (expires after time given in expires_in) | Eg: “1211cf66-d9b3-498b-a8a4-04c76578b72e” |
token_type | string | “bearer” | - |
refresh_token | string | Refresh token (used to re-validate access_token | Eg: “18f96b68-bdf4-4c5f-93f2-16e2c6e674c6” |
expires_in | integer | valid time of access_token in seconds | Eg: 41621 |
scope | string | “read trust write” | - |
Error Codes
Refer Response Codes section to know about specific errors codes.