RESTB2BStorefrontAuthentication

Get Storefront authToken for Specific Customer

Validates a Company user’s login credentials to create a storefront authToken that can be queried for future GraphQL requests. Equivalent Storefront GraphQL API Mutation: `login` The GraphQL API mutation also allows you to return a `storefrontLoginToken`. This retrieves a JWT, which can be passed to the BigCommerce [Customer Login endpoint](/developer/docs/storefront/guides/customer-authentication/customer-login) in order to log a customer in with a Stencil storefront session. The `login` response also includes information related to the Company user, such as their name and their account’s internal identifiers. **Note:** the resulting storefront authToken is tied to the Company user, and their assigned user role determines whether or not further requests are authorized. For example, if you generate an authToken for a user who does not have the `create_address` permission enabled, using the token to validate the GraphQL API `addressCreate` mutation will result in an error. For a complete list of Company user permissions and their scopes, see [Company Roles and Permissions](/developer/api-reference/rest/b2b/management/company-roles-and-permissions). ### Example GraphQL API Body **With Storefront authToken only** ``` graphQL copy mutation { login( loginData: { storeHash: "1234abcd", email: "axe@snapmail.cc", password: "MyPassword123" } ) { result { token user { id bcId firstName lastName email } } } } ``` **With Storefront authToken and storefrontLoginToken** ``` graphQL copy mutation { login( loginData: { storeHash: "1234abcd", email: "axe@snapmail.cc", password: "MyPassword123" } ) { result { token storefrontLoginToken user { id bcId firstName lastName email } } } } ``` ### Example GraphQL API Responses **With Storefront authToken only** ``` json copy { "data": { "login": { "result": { "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbWFpbCI6InRlc3RfYjJjX29yZGVyX2ltcG9ydEBxcS5jb21tIiwic3RvcmVfaGFzaCI6ImYyb3N4ampueGoiLCJkYiI6ImRlZmF1bHQifQ", "user": { "id": "8889911", "bcId": 28, "firstName": "B2B", "lastName": "User", "email": "user@example.com" } } } } } ``` **With Storefront authToken and storefrontLoginToken** ``` json copy { "data": { "login": { "result": { "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbWFpbCI6InRlc3RfYjJjX29yZGVyX2ltcG9ydEBxcS5jb21tIiwic3RvcmVfaGFzaCI6ImYyb3N4ampueGoiLCJkYiI6ImRlZmF1bHQifQ", "storefrontLoginToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJlbWFpbCI6ImtpZG8yNzZAc25hcG1haWwuY2MiLCJzdG9yZV9oYXNoIjoiMWk2enB4cGUzZyIsImRiIjoiZGVmYXVsdCIsIm5hbWUiOiJ0ZXN0OSIsImNoYW5uZWxfaWRzIjpbMV0sInRva2VuX3R5cGUiOjMsIm5iZiI6MTAwMCwiZXhwIjoyMDAxfQ.EiR__LVAlBVNYtFCZPWJYoPv6UfGiXtULxhK-BCQZjY", "user": { "id": "8889911", "bcId": 28, "firstName": "B2B", "lastName": "User", "email": "user@example.com" } } } } } ```

Request

This endpoint expects an object.
storeHashstringRequired
The unique store hash for the BigCommerce store.
channelIddoubleRequiredDefaults to 1

The storefront channel ID associated with the storefront login session. Use 1 for your store’s default storefront channel.

nameobjectRequired
emailstringRequiredformat: "email">=1 character
The email address associated with the user's account.
passwordstringRequiredformat: "password">=1 character
The password associated with the user's account.
beginAtintegerOptional
The [Unix timestamp](https://www.unixtimestamp.com/) indicating when the storefront authToken starts being valid.
endAtintegerOptional
The [Unix timestamp](https://www.unixtimestamp.com/) indicating when the storefront authToken is no longer valid.

Response

OK
codedoubleDefaults to 200
dataobject
metaobject

Errors

400
Bad Request Error