Authentication

Using API clients

See the latest documentation in the developer portal

Using integration users

Deprecated

This feature is now deprecated since September, 2023.

Important

As of September 2023, authentication with APIs must be done via API clients and NewStore will stop supporting authenticating with integration users soon. Follow the migration guide if you already use integration users.

Authentication is managed in an OAuth 2.0 compliant way.

To authenticate:

1. To get an access token from NewStore Omnichannel Cloud, use the curl command or the JSON payload described below:

   curl -i -X POST -d'username={{username}}&grant_type=password&password={{password}}' https://{{tenant}}.p.newstore.net/v0/token

   OR

   {
    "url":"https://tenant.p.newstore.net/v0/token",
    "method":"post",
    "headers":
    {
      "Content-Type":"application/json"
    },
    "data":
    {
      "grant_type": "password",
      "username": "email",
      "password": "password"
    }
   }

   where:

   • username is your username

   • password is your password

     Important

     Do not use the query parameter as the password, otherwise the request fails.

   • tenant is typically the name of your company + a stage variable. For example:

     • mycompany-sandbox
     • mycompany-staging
     • mycompany (production)

2. Include the returned token in the Authorization header of a request:

   Authorization: Bearer <access token from the response above>

3. Test the authentication by sending the request.

   If you omit the Authorization header, the request returns a HTTP 401 status code.

   If the token in the Authorization header is expired (or is otherwise not valid), the request returns a HTTP 403 status code.

   If the query parameter is used as the password, the request returns a HTTP 400 status code with the following error message:

   Query parameter password is not allowed.

For more information, see the API docs. If you have technical issues with authentication, contact the support team.