Initiate an Authenticated Session
Send the following request to create a limited access token to identify the shopper session:
Include your base64-encoded API key and secret in the request header. Include
grant_type=client_credentials and the
externalReferenceId in the request body.
This Token API identifies a shopper session. A token consists of an
access_token and a
refresh_token. They correspond to session cookie and cookie in the browser. You can save the
refresh_token in the application and use them in subsequent queries. The
access_token expires after a specified interval (60 minutes by default in user session site settings in Global Commerce). The
refresh_token expires after one year.
expires_in property is the time-to-live (TTL) value for the access token. You can refresh the access token at any time.
For more information, see POST /oauth20/token (Limited-Access Token).