XM

Login Local User

Path:

POST https://{baseurl}/api-commerceIdentity/auth/local/login

Allows registered users to login to your site using their own credentials (email and password). Unlike guest users, a logged-in user can save their settings, preferences, build a persistent cart, track orders, view order history, add/update wish list, and much more.

This API returns the customer details along with the JSON Web Token (JWT), which is your customer's digital signature. It defines a compact and self-contained way for securely transmitting information. This Authorization token is essential to run most of the customer-context API calls.

Headers

Content-Type : application/json

x-site-context : { "date": "2020-08-28T02:35:27.787Z", "channel": 12, "account": 5f493c9f30ec2a0007a94fc8", "stage": "sandbox" }

Parameters

Type : requestBody

Name : The login credentials.

Required: true

Sample Request

{
"username" : "[email protected]",
"password" :"ExamplePassword123!"
}

Sample Response

HTTP Code: 200 Message: OK

Description: You will see this message when login credentials are successfully validated and the user has logged in to your site.

{
"_id": "5e97947d3cb8553c0e43d87f",
"userId": 90,
"roles": [
{
"id": "5de1646f8c6352091d944f1c"
}
],
"name": {
"first": "John",
"middle": "A",
"last": "Smith"
},
"accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVlOTc5NDdkM2NiODU1M2MwZTQzZDg3ZiIsInJvbGVzIjpbeyJpZCI6IjVkZTE2NDZmOGM2MzUyMDkxZDk0NGYxYyJ9XSwiaWF0IjoxNTg2OTkyODUyLCJleHAiOjE1ODY5OTQ2NTJ9.KGGW4Ij8PpnIgj0r_xX8BAYTpgcqOV9vJNx16zNhe_gBBaiqvwUdHKPcrrAU-D6PxU4k3n7LCEghf6V0kvAoSA",
"refreshToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVlOTc5NDdkM2NiODU1M2MwZTQzZDg3ZiIsImlhdCI6MTU4Njk5Mjg1MiwiZXhwIjoxNTkwODgwODUyfQ.RSn_7schigJey3iLeJq0XXNGbxkrxRJYGykYvY_LIRtMk-6qBtxy7kII9-EOKYzaldV0rRpjzMhG16Ov2XePlA"
}

HTTP Code: 400 Message: Bad Request

Description: You will see this message when the login credentials cannot be validated; either the username or password, or both are incorrect.

Sample:

{
"code": "LOCAL_AUTH_FAILED",
"message": "Username or Password is Invalid."
}

Changelog

*Last updated - July 2020