Token

Use the /oauth20/token API to generate either limited or full access tokens. You can also use it to refresh an access token. The requirements for the API depend on the type of application that invokes a request.

The /oauth20/token API generates an access token that you can use to access resources. Limited access tokens allow an application to shop anonymously. Full access tokens are required to retrieve authenticated shopper-specific details, such as address or payment details. This token only supports a public workflow.

Methods


					Host: api.digitalriver.com
User-Agent: API Client/1.0
Accept: application/json (Default)
Authorization: Basic username: client id password: client secret
			
					grant_type=client_credentials&dr_external_reference_id=partner-shopper-id
			
					HTTP/1.1 200 OK
Content-Length: 161
Access-Control-Allow-Origin: *
			
					{
   "access_token": "your_access_token",
   "token_type": "bearer",
   "expires_in": "3599",
}
			
					Host: api.digitalriver.com
User-Agent: API Client/1.0
Accept: application/json (Default)
Authorization: Basic username: client id password: client secret
			
					grant_type=password&username=valid-dr-shopper-login-id&password=valid-base64-encoded-password
			
					HTTP/1.1 200 OK
			
					{
   "access_token": "your_access_token",
   "token_type": "bearer",
   "expires_in": "3599",
   "refresh_token": "your_refresh_token"
}
			
					Host: api.digitalriver.com
User-Agent: API Client/1.0
Accept: application/json (Default)
Authorization: Basic username: client id password: client secret
			
					grant_type=password
			
					HTTP/1.1 200 OK
Content-Length: 161
Access-Control-Allow-Origin: *
			
					{
   "access_token": "your_access_token",
   "token_type": "bearer",
   "expires_in": "3599",
   "refresh_token": "your_refresh_token"
}
			
					Host: api.digitalriver.com
User-Agent: API Client/1.0
Accept: application/json (Default)
Authorization: Basic username: client id password: client secret
			
					refresh_token=your_refresh_token&grant_type=refresh_token
			
					HTTP/1.1 200 OK
Content-Length: 161
Access-Control-Allow-Origin: *
			
					{
   "access_token": "your_access_token",
   "token_type": "bearer",
   "expires_in": "3599",
   "refresh_token": "your_refresh_token"
}
			

Response Body Parameters

Field
Data Type
Visibility
Descripton
access_token
string
default
The access/session token. 
expires_in
int
default
The time in seconds until this token expires.
refresh_token
string
default
The refresh token that you can use to obtain new access tokens.
token_type
string
default
The type of token.