General
This developer guide introduces the Authentication API and shows you how to work with it.
The Authentication API, also known as the "Auth" API, serves the purpose of registering and logging in customers, including guest customers without passwords, as well as resetting a customer's password. This API enables you to:
- Acquire an access token, which grants you the ability to both retrieve and modify customer data via the Customer Account API.
- Initiate the checkout process with the web component.
- View all active sessions for a given customer and invalidate specific tokens or sessions.
To implement custom login and registration forms, as well as the password reset flow on your storefront, you'll need to make calls from your frontend to your backend. Subsequently, your backend will communicate with the Auth API.
Please be aware that the Auth API is designed exclusively for backend-to-backend interactions. Making direct calls from the frontend to the Auth API is not supported.
This guide provides you with the necessary information to seamlessly integrate with the Auth API, elucidating key concepts and relevant endpoints. For specific endpoint details, refer to the API specification.
Create API Client
Create an API Client in SCAYLE Panel.
Before you can interact with the Auth API, you have to create an API client in the SCAYLE Panel to obtain your client_id and client_secret.
To create a token:
- Navigate to
Shops > Storefront > API keys. - Click + Generate OAuth Credentials.
- Enter a Name and click Create Token.
The ID and token are then displayed only once.
.PNG)
SCAYLE Panel: Generate Authentication API token.
Make sure to store those credentials safely in your back end. All the endpoints explained in the following chapters require you to provide the client_id and client_secret as a Basic Auth header on the request.
Example
Authorization: Basic {base64Encode({client_id}:{client_secret})}
