Use Authorization Tokens to Access APIs
How to Use Token-Based Authorization
You can use the token received in response to a request to the Authentication API to authorize with other APIs. Here are the APIs that support token-based authorization:
- Products API
- Dynamic Product Checkout API
- Subscriptions API
- Payments API
To authorize when using these APIs, transfer the token in the request header:
Authorization token.
- Format:
Bearer [token] - Where [token] is substituted by the token value obtained through the authentication API.
Example
Let us suppose that you received the following response to your request to the Authentication API:
{
"token": "fj45u923j59ju42395iu9423i59243u0",
"refresh_token": "4e283bb7620068c42d6"
}When making the request to another API, transfer in the request header:
AuthorizationJWT: Bearer fj45u923j59ju42395iu9423i59243u0When using Postman, you can add the Token variable to the Environment settings and insert the token value automatically into your requests to other APIs.
Example of variables set up in Postman
Example of token transfer using postman
Authorization Errors
If authorization with the token is not performed, then the HTTP/1.1 401 Unauthorized response code and the error description return in the response body in JSON format.
Additional Error Codes for HTTP 401
| Error | Message | Description |
| 1007 | Your token is invalid. | Authorization failed, your token value is invalid. |
| 1008 | Missing token. | Authorization failed, your token has not been transferred. |
| 1009 | Your token is expired. | Authorization failed, your token has expired. |
Example of Error Response
{
"errors": [
{
"error": 1007,
"message": "Your token is invalid."
}
]
}