Magento 2 API: Get Customer Token

Categories Magento, Magento 2 Tags , , , , ,
LinkedInPinPrintShares

In this article, we will be looking into how we can get the customer token in Magento 2.

Customer Users in Magento have access to resources with anonymous or self permission. To access the self resources, the API call should be authorized.

In the Token-based Authorization method, the customer token is necessary to authorize the API call.

Customer Token is used in applications to authorize specific customers and query data related to that customer (for example, customer details, cart, and orders).

NOTE:

  • Customer token is valid for 1 hour by default.
  • This value can be changed from Magento admin: STORES > Settings > Configuration > Services > OAuth > Access Token Expiration > Customer Token Lifetime (hours).
  • A cron job that runs hourly removes all expired tokens.

token lifetime admin customer

Get Customer Token

API Doc:
https://adobe-commerce.redoc.ly/2.4.5-admin/tag/integrationcustomertoken

Endpoint:

With store code


POST <host>/rest/<store_code>/V1/integration/customer/token

Or, without store code


POST <host>/rest/V1/integration/customer/token

Headers:


Content-Type application/json

Payload:


{
  "username": "<customer-username>",
  "password": "<customer-password>"
}

Response:

Magento generates the customer’s access token


n45phzh5trxxxxxvy2he5iqvnagzsdid

Get customer token using cURL Request


curl --location --request POST '<host>/rest/V1/integration/customer/token' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username": "<customer-username>", 
    "password": "<customer-password>"
}'

Get customer token using PHP cURL


<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => '<host>/rest/V1/integration/customer/token',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'POST',
  CURLOPT_POSTFIELDS =>'{
    "username": "<customer-username>", 
    "password": "<customer-password>"
}',
  CURLOPT_HTTPHEADER => array(
    'Content-Type: application/json'
  ),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

Use Customer Token to Access Own Data

In this example, we use the customer token to get own (logged-in customer) data, i.e. the customer whose username and password are used to generate the customer token.

API Doc:
https://adobe-commerce.redoc.ly/2.4.5-admin/tag/customersme

Endpoint:

With store_code


GET <host>/rest/<store_code>/V1/customers/me

Or, without store_code


GET <host>/rest/V1/customers/me

Headers:


Content-Type application/json

Authentication Bearer Token:


<customer-token-generated-above>

Get customer self data using cURL Request


curl --location --request GET '<host>/rest/V1/customers/me' \
--header 'Authorization: Bearer n45phzh5trxxxxxvy2he5iqvnagzsdid'

Hope this helps. Thanks.

Magento REST API Reference: https://developer.adobe.com/commerce/webapi/rest/quick-reference/

Related posts:

  1. Magento 2 API: Get Admin Token
  2. Introduction to Magento 2 API
  3. Magento 2: Create Customer Programmatically
  4. Magento: Redirect Customer to Previous Page After Login
  5. Magento: Create Customer Programmatically