You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Server-Side Extension Authentication Examples



This topic illustrates the following behaviors related to authenticated access in your server-side extension custom app.

Content (required):

How pass-through authentication works for logged-in shoppers

If a shopper is currently authenticated with Oracle Commerce, the current OAuth 2.0 bearer token will be included in the authorization header of the incoming request to your custom app. The authorization header contains a JSON Web Token (JWT), which is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.

The JWT is base64 encoded and you can parse the token to retrieve information about the logged-in shopper. In order to support

Howdy, Stranger!

Log In

To view full details, sign in.


Don't have an account? Click here to get started!