
Login

To access the SuperCommerce APIs, you must first authenticate using a bearer token. To obtain a bearer token, you must send a login request to the API with your credentials.

note

We offer two methods for user authentication through the login API. In addition, our Configuration API enables you to configure your preferred authentication method using a key provided by Supercommerce. You can enable phone/password-based login.

  • Endpoint: api/customer/auth

  • Method: POST

info

Login uses email and password, or phone number and password if enabled by the enablePhoneLogin key in the Configuration API. In that case, the phone parameter becomes required and the email parameter becomes optional.

By Using Email

Email and password-based authentication for login request.

  • Request Body:

Here is an example request body for logging in with email and password:

| Key | Type | Required | Description |
|---|---|---|---|
| email | string | Yes | The email address of the customer. |
| password | string | Yes | The password of the customer. |

{
  "email": "doc@supercommerce.io",
  "password": "12345678"
}

By Using Phone

Phone number and password-based authentication for login request.

  • Request Body:

Here is an example request body for logging in with phone number and password:

| Key | Type | Required | Description |
|---|---|---|---|
| phone | string | Yes | The phone number of the customer. |
| password | string | Yes | The password of the customer. |

{
  "phone": "01111111111",
  "password": "12345678"
}

After successful login, the API will respond with a JSON object containing the user's authentication token in the 'data' field. The token can be accessed using the 'token' key within the 'data' object.

  • Success Response:
Customer Resource

You can check more details about Customer Resource.

200 OK - If the login is successful

{
  "code": 200,
  "data": {
    "id": 1153383,
    "name": "Test",
    "last_name": "Documentation",
    "email": "doc2@supercommerce.io",
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..",
    "is_guest": false,
    //...
  }
}

  • Failure Response:

If the credentials are invalid, the API returns a 403 error with a message indicating that either the password or phone number is incorrect.

403 ERROR - password OR phone incorrect

{
  "code": 403,
  "message": "Password or phone are incorrect, kindly check them again.",
  //...
}

The API for email/phone availability checks whether the email address or phone number is already used in the system. The API returns a 423 error with a message indicating that the email or phone number is already used.

423 ERROR - email is required

{
  "code": 423,
  "message": "The email field is required",
  "message_ar": "The email field is required",
  //...
}

423 ERROR - phone is required

{
  "code": 423,
  "message": "The phone field is required",
  "message_ar": "The phone field is required",
  //...
}

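The login flow above as a small Python client, added here as an example and not taken from SuperCommerce's own code: it builds the body according to enablePhoneLogin, refuses non-TLS URLs, maps the 403/423 responses to an exception, and returns `data.token`. The host in `BASE_URL`, the helper names, and sending the token in the standard `Authorization: Bearer` header are assumptions.

```python
import json
import urllib.error
import urllib.request

BASE_URL = "https://api.example.invalid/"  # assumption: placeholder host


class LoginError(Exception):
    def __init__(self, code, message):
        super().__init__(f"{code}: {message}")
        self.code = code


def build_login_body(password, email=None, phone=None, phone_login_enabled=False):
    """phone is required when enablePhoneLogin is on; otherwise email is."""
    required, value = ("phone", phone) if phone_login_enabled else ("email", email)
    if not value:
        raise ValueError(f"{required} is required")
    body = {required: value, "password": password}
    if phone_login_enabled and email:
        body["email"] = email  # optional alongside phone
    return body


def parse_login_response(payload):
    """Return data.token on code 200; raise LoginError on 403, 423 or any other code."""
    if payload.get("code") != 200:
        raise LoginError(payload.get("code"), payload.get("message", ""))
    token = (payload.get("data") or {}).get("token")
    if not token:
        raise LoginError(200, "response has no data.token")
    return token


def login(body, base_url=BASE_URL):
    """POST to api/customer/auth; the body and token are never logged."""
    if not base_url.startswith("https://"):
        raise ValueError("refusing to send credentials over a non-TLS URL")
    req = urllib.request.Request(
        base_url + "api/customer/auth", data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            payload = json.load(resp)
    except urllib.error.HTTPError as err:  # error codes sent as HTTP status
        payload = json.load(err)
    return parse_login_response(payload)


def bearer_header(token):
    # Assumption: the token is sent in the standard Authorization header.
    return {"Authorization": f"Bearer {token}"}
```
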
info

Check the following section to learn more about the Login API Reference