Get Storefront authToken with Credentials | BigCommerce Developer Center

By default, the resulting storefront authToken is valid for 1 day. However, you can adjust its validity period with the beginAt and endAt fields in the request body.

Uses the login credentials of a storefront customer or a Company user to generate a storefront authToken to validate requests to the B2B Storefront GraphQL API. Unlike the Get a Storefront API authToken endpoint, this request does not rely on a JWT from an active storefront session. By default, the resulting storefront authToken is valid for **1 day**. However, you can adjust its validity period with the `beginAt` and `endAt` fields in the request body.

Authentication

X-Auth-Tokenstring

Authentication header

Header	Argument	Description
`X-Auth-Token`	`access_token`	For more about API accounts that generate `access_token`s, see our Guide to API Accounts.

### Authentication header | Header | Argument | Description | |:-------|:---------|:------------| | `X-Auth-Token` | `access_token` | For more about API accounts that generate `access_token`s, see our [Guide to API Accounts](/developer/docs/overview/api-accounts). | ### Further reading For example requests and more information about authenticating BigCommerce APIs, see [Authentication and Example Requests](/developer/docs/overview/api-accounts#x-auth-token-header-example-requests). For more about BigCommerce OAuth scopes, see our [Guide to API Accounts](/developer/docs/overview/api-accounts#oauth-scopes). For a list of API status codes, see [API Status Codes](/developer/api-reference/rest/overview#rest-http-status-codes).

Request

This endpoint expects an object.

storeHashstringRequired>=1 character

The unique store hash for the BigCommerce store.

emailstringRequiredformat: "email">=1 character

The email address associated with the user's account.

passwordstringRequiredformat: "password">=1 character

The password associated with the user's account.

channelIdintegerRequired

The storefront channel ID where the order was placed.

namestringRequired

The internal name assigned to the generated API token.

beginAtintegerOptional

The Unix timestamp indicating when the storefront authToken starts being valid.

The [Unix timestamp](https://www.unixtimestamp.com/) indicating when the storefront authToken starts being valid.

endAtintegerOptional

The Unix timestamp indicating when the storefront authToken is no longer valid.

The [Unix timestamp](https://www.unixtimestamp.com/) indicating when the storefront authToken is no longer valid.

Response

codeintegerDefaults to 200

The HTTP Status code of the response.

dataobject

metaobject

1	import requests
2
3	url = "https://api-b2b.bigcommerce.com/api/io/auth/customers"
4
5	payload = {
6	"storeHash": "1234abcd",
7	"email": "user@example.com",
8	"password": "MyPassword123",
9	"channelId": 1000234,
10	"name": "customer storefront token"
11	}
12	headers = {
13	"X-Auth-Token": "<apiKey>",
14	"Content-Type": "application/json"
15	}
16
17	response = requests.post(url, json=payload, headers=headers)
18
19	print(response.json())

1	{
2	"data": {
3	"name": "customer storefront token",
4	"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbWFpbCI6InRlc3RfYjJjX29yZGVyX2ltcG9ydEBxcS5jb21tIiwic3RvcmVfaGFzaCI6ImYyb3N4ampueGoiLCJkYiI6ImRlZmF1bHQifQ.L_u_enljWoYBbPPskmYEQVHldHIaTcWMIB-SdFah850"
5	},
6	"meta": {}
7	}