You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Server-Side Extension Authentication Examples

edited Dec 14, 2020 10:19PM in Commerce

Summary

CX Commerce authenticated endpoint best practices usage and examples

Content

This project illustrates the following behaviors related to authenticated access in your server-side extension custom app.

How pass-through authentication works for logged-in shoppers

If a shopper is currently authenticated with CX Commerce, the current OAuth 2.0 bearer token will be included in the authorization header of the incoming request to your custom app. The authorization header contains a JSON Web Token (JWT), which is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.

The JWT is base64 encoded and you can parse the token to retrieve information about the logged-in shopper. In order to support

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!