Glue API: Authenticate as a customer
Edit on GitHubThis endpoint allows authenticating as a customer. As an authenticated customer, you can send requests to protected resources.
This endpoint does not comply with OAuth 2.0. If your project requires such compliance, use the /token endpoint. For details about the /token endpoint, see Managing customer authentication tokens via OAuth 2.0.
Installation
For details on the modules that provide the API functionality and how to install them, see Install the Customer Access Glue API.
Authenticate as a customer
To authenticate as a customer, send the request:
POST /access-tokens
Request
Request sample: authenticate as a customer
POST https://mysprykershop.com/access-tokens
{
"data": {
"type": "access-tokens",
"attributes": {
"username": "sonia@spryker.com",
"password": "change123"
}
}
}
| ATTRIBUTE | TYPE | REQUIRED | DESCRIPTION |
|---|---|---|---|
| username | string | ✓ | Customer’s username. You define it when creating a customer. |
| password | password | ✓ | Customer’s password. You define it when creating a customer. |
Username
If you are authenticating as a newly created customer, make sure to verify your email address first. If an email address was not confirmed, the endpoint returns the 403 “Failed to authenticate user” error.
Note that depending on the Login feature configuration for your project, too many unsuccessful login attempts may result in the 429 error, and the user will be locked out for some time. For details, see Customer Login feature overview.
Response
Response sample: authenticate as a customer
{
"data": {
"type": "access-tokens",
"id": null,
"attributes": {
"tokenType": "Bearer",
"expiresIn": 28800,
"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJmcm9udGVuZCIsImp0aSI6IjA4NmRlMDEyZGE1Y2JjZDcyNzcwODBiMGFhMjU0ZWY1OTcxNjE2NjRkNzFmZjYzZjI2OTAyYTc3NmIyMTRkNjg1YWUzOGQzNGE2ZDE0NjQ5IiwiaWF0IjoxNjAxMjk1MjAxLCJuYmYiOjE2MDEyOTUyMDEsImV4cCI6MTYwMTMyNDAwMSwic3ViIjoie1wiaWRfY29tcGFueV91c2VyXCI6XCJlYmY0YjU1YS1jYWIwLTVlZDAtOGZiNy01MjVhM2VlZWRlYWNcIixcImlkX2FnZW50XCI6bnVsbCxcImN1c3RvbWVyX3JlZmVyZW5jZVwiOlwiREUtLTIxXCIsXCJpZF9jdXN0b21lclwiOjIxLFwicGVybWlzc2lvbnNcIjp7XCJwZXJtaXNzaW9uc1wiOlt7XCJpZF9wZXJtaXNzaW9uXCI6MSxcImtleVwiOlwiUmVhZFNoYXJlZENhcnRQZXJtaXNzaW9uUGx1Z2luXCIsXCJjb25maWd1cmF0aW9uXCI6e1wiaWRfcXVvdGVfY29sbGVjdGlvblwiOls1Myw1Miw1MSw1MCw0OSwyOCwyNywyNSwyNCwyMywyMiwyMV19LFwiY29uZmlndXJhdGlvbl9zaWduYXR1cmVcIjpcIltdXCIsXCJpZF9jb21wYW55X3JvbGVcIjpudWxsLFwiaXNfaW5mcmFzdHJ1Y3R1cmFsXCI6bnVsbH0se1wiaWRfcGVybWlzc2lvblwiOjIsXCJrZXlcIjpcIldyaXRlU2hhcmVkQ2FydFBlcm1pc3Npb25QbHVnaW5cIixcImNvbmZpZ3VyYXRpb25cIjp7XCJpZF9xdW90ZV9jb2xsZWN0aW9uXCI6WzUzLDUyLDUxLDUwLDQ5LDI4LDI3LDI1LDI0LDIzLDIyLDIxXX0sXCJjb25maWd1cmF0aW9uX3NpZ25hdHVyZVwiOlwiW11cIixcImlkX2NvbXBhbnlfcm9sZVwiOm51bGwsXCJpc19pbmZyYXN0cnVjdHVyYWxcIjpudWxsfSx7XCJpZF9wZXJtaXNzaW9uXCI6bnVsbCxcImtleVwiOlwiUmVhZFNob3BwaW5nTGlzdFBlcm1pc3Npb25QbHVnaW5cIixcImNvbmZpZ3VyYXRpb25cIjp7XCJpZF9zaG9wcGluZ19saXN0X2NvbGxlY3Rpb25cIjp7XCIwXCI6MSxcIjJcIjoyLFwiM1wiOjN9fSxcImNvbmZpZ3VyYXRpb25fc2lnbmF0dXJlXCI6W10sXCJpZF9jb21wYW55X3JvbGVcIjpudWxsLFwiaXNfaW5mcmFzdHJ1Y3R1cmFsXCI6bnVsbH0se1wiaWRfcGVybWlzc2lvblwiOm51bGwsXCJrZXlcIjpcIldyaXRlU2hvcHBpbmdMaXN0UGVybWlzc2lvblBsdWdpblwiLFwiY29uZmlndXJhdGlvblwiOntcImlkX3Nob3BwaW5nX2xpc3RfY29sbGVjdGlvblwiOntcIjBcIjoxLFwiMlwiOjIsXCIzXCI6M319LFwiY29uZmlndXJhdGlvbl9zaWduYXR1cmVcIjpbXSxcImlkX2NvbXBhbnlfcm9sZVwiOm51bGwsXCJpc19pbmZyYXN0cnVjdHVyYWxcIjpudWxsfV19fSIsInNjb3BlcyI6WyJjdXN0b21lciJdfQ.eLWdPoUJZyei-B20183npOEQqYgstxaXrcj2XvQdkIP88BM99wpdmPEiCiAZB7z2Bw9n-btKyt7cTPdRvq7jmJB09IW6PSemtg4y2FP99OO-GHb-A2_xRXjrRg94FAABmks_XvEpnHwdi12qQr_7QJhA361WPxhuDbT3onbqlvkRvv84txbwHl-RJNtaTVXgpY1hi4ufSZpcfuYMlCEcQUsXzG0u_2IhcLJ_bFNTYrVu-NTs4mGG2l22b4od1xCdoAPQVPGIs-YN1KpuuAgz5bdEHxfDwZiK0ljKR5asPG76sPSD-rh5Xvllzzns8nOcJUfTetIG-TjE-IuTClj-Hw",
"refreshToken": "def5020061e2eb3ee8a3d34eec1b4a08a987894ee73ac025401ea9973ff5d81b293b31e1f061a0c96b17bcce5fcbf95ec942de8c840a0f365f936af1850bb1157f40ef5d0e8ba921ee5defb545ab7b48e3903b397c3a59022687ac7620fb810566d5669c2ed305f49f6bca5ecc39615347e46aa4dcc96f100105f5798e19c4b6b511ffb1b272dd6187dd6ffedba81799c3fe46d2e7360d6daa12da4494abd22ae2bc672d60ebfeb306b5c075bfa7fd4ff340aedf979c817653462cd1448dc427e038fee3355a8126db57313c47eab2d86a76cbe594f6c1f63d188fb458476ce33f5eba80db3fb252aac4a7e6441fdabd8a873c399cb905a8e762304bfca75d3ef57721b8d430a85d990e3f9122bf6a864b47a4fea561b995d47c7356811658ca4b82ea31a68c91c28750ad7b113a9914265cfb6645ee737494dd1b45d9e6d3185bbab136954322f0089029b7158a7560acea7c5a61d821fed372d2088aaefd4511c6cc7096305427a09de39b143704dffe51ee6a96bd350fc177b6b3d3ee7f294aeb3bf46f67bf564da5507a92213fa82f45d026ba931e9b9d7e43cd926880057d7abd733e83e23d5cea2e8af2735fb99051bc71b012277bd13250efa08b368ebe4f94731210d4d44f502dbda52d508a9e9e19afcbb0ebc013dfb40c9632a565e4115e2e1cb5739dd79a1cae92fe702f0c921d1f50f4bdba5a7b4b890ad7fae42cd21c259edb4835611ee9a00bd446fc988c589e5cafab2b676af188740e742134d681e7da5cc839193a687086756081b8fce5b7d0189044c1f0a2dba8d621b9bcc63f42926a8d2b9ab16f735109e58e29d74a966adfac7f6f4badb4fc0cccc1a18e6ed825a98e83a1cbe7dda376a3347c88cbc97fd636307f3d01cdd3a95951ce963da04aea8f2a88aae5986f27967b5c2586d0b2187e1ef9d73850bd17a833a3196b85640ec48c1a512a9e5f9c2000ca432d1467ca88d419277db906be09bbcab5218fb6d45e379f1cfffbbb12015e47bcafee888e118bd36e748dcb6f94ce2a1fb5ab3198a67bbd269821cb5d9a33e541112bcf0f64f9cb2843f23a4d3f96037896763025f45002208dae9ece57983a0c183b793641310730739ff0243cb76de9c716881677b361a4babd9661b579afb3ff86bd539534ae54f97790e2891414237ccc5df71ee46ea591fa3a9df38e344ba3d9ca1e0ecc80d84c528de1adcd27f2b2f2feca279cb5713146e9d2f5dc864e96b5e1455741dab1d10ccc5bdc3b5dbc8175d54e5158ecf776d7ab4e1ab5e204c5d269e99499e0a008f3fd8198b58945ef700ff0c2cee9196d6cca6a583e2c2f47c7d40b773d65a4105427c6e6955e429be9a4c684f976b5179f4fb48029727ffd3704dd1868a9769a5d42af8db3a45087f2459d7e71e52e993ff9ea84dd7fc3f2f66afda04f372a60267b0e61c52c9c8e8b900a2dab1a73fb2f029ef5c17b72981532d83553799ba02553777a68d8af81f9b839c79eaf76a949dd4a97e2ea5e98bd958525eaa8d2e1bcdea4649c51ab60295a23e6987a62e15123bc7a8536d283f67ef6a7093256e7a3bb358f5d15fb18d3596028d34ba68b5d0fe7326cb9e50f9f16edfdf71bc258d8d3bdd7051bba49276a4abcade326f55a858559ec371c86b47e5cc522585defc5cace4d3125538676dd98a1b07a7eb42814b5cd38024d27bc6b7ce601789b61bd611e035e6952702c5206e91ed130bf36735ed9aed2125d3a8b543ea60423d38aef05a0c3996c4ab363595c88adbe3bf73a960ad34252e2263088ee3c47b74b37e459ac1ed075a86e614358b89da9db6bf44ed0d740b927739039f5e04be7fff578ef096da7f536836bb5866bbdc8686f6c3adcf0c4f35ae98e01142d7a295397b2237a85db0d9ed33c9594644f6d5530db257a6b06a9935ad36f64788e90a678621653b52154233ef730b2c6e58a85153ad9f852bc941db562be58e3d646a53e45362f0fe6f75aecf3cb17be7a6bf78526b774845d2108838d828becf2aa42214292edb422ae482361e2a9af85470cacdbde52f7589b9d2e1c3d7d42be52cfdc70d3a9cc5d0f4e45",
"idCompanyUser": "ebf4b55a-cab0-5ed0-8fb7-525a3eeedeac"
},
"links": {
"self": "https://glue.mysprykershop.com/access-tokens"
}
}
}
| ATTRIBUTE | TYPE | DESCRIPTION |
|---|---|---|
| tokenType | String | Type of the authorization token. Set this type when sending a request with the token. |
| expiresIn | Integer | The time in seconds in which the token expires. |
| accessToken | String | Authentication token used to send requests to the protected resources available for a customer. |
| refreshToken | String | Authentication token used to refresh the accessToken. |
| idCompanyUser | string | A unique identifier of a user within a company. Use it to retrieve a company user. |
Possible errors
| CODE | REASON |
|---|---|
| 003 | Failed to log in the user. |
| 901 | Unprocessable login data (incorrect email format; email or password is empty). |
To view generic errors that originate from the Glue Application, see Reference information: GlueApplication errors.
Next steps
Thank you!
For submitting the form