Authentication
Using API clients​
See the latest documentation in the developer portal
Using integration users​
As of September 2023, authentication with APIs must be done via API clients and NewStore will stop supporting authenticating with integration users soon. Follow the migration guide if you already use integration users.
Authentication is managed in an OAuth 2.0 compliant way.
To authenticate:
To get an access token from NewStore Omnichannel Cloud, use the
curl
command or theJSON
payload described below:curl -i -X POST -d'username={{username}}&grant_type=password&password={{password}}' https://{{tenant}}.p.newstore.net/v0/token
OR
{
"url":"https://tenant.p.newstore.net/v0/token",
"method":"post",
"headers":
{
"Content-Type":"application/json"
},
"data":
{
"grant_type": "password",
"username": "email",
"password": "password"
}
}where:
username
is your usernamepassword
is your passwordImportantDo not use the query parameter as the password, otherwise the request fails.
tenant
is typically the name of your company + a stage variable. For example:mycompany-sandbox
mycompany-staging
mycompany
(production)
Include the returned token in the
Authorization
header of a request:Authorization: Bearer <access token from the response above>
Test the authentication by sending the request.
If you omit the
Authorization
header, the request returns aHTTP 401
status code.If the token in the
Authorization
header is expired (or is otherwise not valid), the request returns aHTTP 403
status code.If the query parameter is used as the password, the request returns a
HTTP 400
status code with the following error message:Query parameter password is not allowed.
For more information, see the API docs. If you have technical issues with authentication, contact the support team.