Authentication (OAuth)
The Unicommerce works on OAuth 2.0 specification to make its exposed APIs secure. The user is expected to send a valid access token with each REST API request for authentication purpose. This page provides details on how a user can get this access token against valid user credentials from Uniware.
Flow
Tip
Complete integration flow is available on Basic Overview page.
Basic Information
| NAME | DETAILS |
|---|---|
| Endpoint: | /oauth/token |
| Request Type: | GET |
| Scheme: | HTTPS |
| Header (Content-Type): | application/json |
Query Parameters
| PARAMETERS | TYPE | DESCRIPTION | MANDATORY | NOTES |
|---|---|---|---|---|
| grant_type | string | “password” | Yes | - |
| client_id | string | “my-trusted-client” | Yes | - |
| username | string | uniware login username | Yes | - |
| password | string | uniware login password | Yes | - |
Sample URL
https://{tenant}.unicommerce.com/oauth/token?grant_type=password&client_id=my-trusted-client&username=abc@xyz.com&password=uni@1234\
Response Payload
{
"access_token": "1211cf66-d9b3-498b-a8a4-04c76578b72e",
"token_type": "bearer",
"refresh_token": "18f96b68-bdf4-4c5f-93f2-16e2c6e674c6",
"expires_in": 41621
}Response Payload Details
| PARAMETERS | TYPE | DESCRIPTION | NOTES |
|---|---|---|---|
| access_token | string | Access token (expires after time given in expires_in) | Eg: “1211cf66-d9b3-498b-a8a4-04c76578b72e” |
| token_type | string | “bearer” | - |
| refresh_token | string | Refresh token (used to re-validate access_token | Eg: “18f96b68-bdf4-4c5f-93f2-16e2c6e674c6” |
| expires_in | integer | valid time of access_token in seconds | Eg: 41621 |
| scope | string | “read trust write” | - |
Error Codes
Refer Response Codes section to know about specific errors codes.