Solved: REST API call to get logged in customer ID

semboku · ‎02-27-2017

I want to make a REST call from outside of Magento (but on the same domain) to get the currently logged in customer's ID. I don't want them to have to login again or provide a password, I just need to get their ID so I can redirect them somewhere based on their ID.

I see this endpoint in the URL:

http://mydomain.com/rest/V1/customers/me

but when I cURL that URL I get nothing. Do I still need to get a token to access this even though it is anonymous and based on the session? If so, what does this PHP call look like?

Sinisa · ‎02-28-2017

You must me on the same domain - otherwise, you'll have to find a way to pass session cookie. In this case, the code would be something like:

$ch = curl_init('dev.magento2.com/rest/V1/customers/me');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Content-Type: application/json'
));
curl_setopt($ch, CURLOPT_COOKIE, 'PHPSESSID=' . $_COOKIE['PHPSESSID']);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);

//execute post
$result = curl_exec($ch);

//close connection
curl_close($ch);

$json = json_decode($result);
echo $json->id;

Keep in mind that Magento2 uses single entry-point, so you may have issues to execute any PHP script other than index.php

For example, in my case, I had to add the following snippet in Nginx in order to be able to execute script called pub/test.php:

location ~* /test.php {
        fastcgi_pass   fastcgi_backend;

        fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
        fastcgi_param  PHP_VALUE "memory_limit=768M \n max_execution_time=600";
        fastcgi_read_timeout 600s;
        fastcgi_connect_timeout 600s;

        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
}

If this response was helpful to you, consider giving kudos to this post.

If this response solved your problem, click accept as solution to help others solve this issue

If this response was helpful to you, consider giving kudos to this post.
If this response solved your problem, click accept as solution to help others solve this issue

View solution in original post

mbrinton · ‎02-27-2017

Hello Semboku,

This call can be used to get the customer details for the currently logged in customer, but you need to be that customer. This is because multiple customers can be logged into the storefront at one time.

To use the endpoint, simply open the storefront in your browser and login as any customer. Then open the link:

http://mydomain.com/rest/V1/customers/me

No authentication is required. You will get a response similar to the following (this is where I'm logged in as the user from the Sample Data):

<response>
<id>1</id>
<group_id>1</group_id>
<default_billing>1</default_billing>
<default_shipping>1</default_shipping>
<created_at>2017-02-14 22:25:32</created_at>
<updated_at>2017-02-14 22:25:32</updated_at>
<created_in>Default Store View</created_in>
<dob>1973-12-15</dob>
<email>roni_cost@example.com</email>
<firstname>Veronica</firstname>
<lastname>Costello</lastname>
<gender>2</gender>
<store_id>1</store_id>
<website_id>1</website_id>
<addresses>
<item>
<id>1</id>
<customer_id>1</customer_id>
<region>
<region_code>MI</region_code>
<region>Michigan</region>
<region_id>33</region_id>
</region>
<region_id>33</region_id>
<country_id>US</country_id>
<street>
<item>6146 Honey Bluff Parkway</item>
</street>
<telephone>(555) 229-3326</telephone>
<postcode>49628-7978</postcode>
<city>Calder</city>
<firstname>Veronica</firstname>
<lastname>Costello</lastname>
<default_shipping>true</default_shipping>
<default_billing>true</default_billing>
</item>
</addresses>
<disable_auto_group_change>0</disable_auto_group_change>
</response>

semboku · ‎02-27-2017

mbrinton, I already know this.

My question is, how do I make that call with PHP, so my code captures the customer ID and can use it. I can't sit there at everyone's house and open that link for them to get the ID :-)

How do I make a call to that URL programmatically and capture the User ID into a PHP variable?

semboku · ‎02-27-2017

When I use file_get_contents() I get this error:

{"message":"Consumer is not authorized to access %resources"...}

I assume because the web user of my server cannot access the cookie?

Sinisa · ‎02-28-2017

You must me on the same domain - otherwise, you'll have to find a way to pass session cookie. In this case, the code would be something like:

$ch = curl_init('dev.magento2.com/rest/V1/customers/me');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Content-Type: application/json'
));
curl_setopt($ch, CURLOPT_COOKIE, 'PHPSESSID=' . $_COOKIE['PHPSESSID']);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);

//execute post
$result = curl_exec($ch);

//close connection
curl_close($ch);

$json = json_decode($result);
echo $json->id;

Keep in mind that Magento2 uses single entry-point, so you may have issues to execute any PHP script other than index.php

For example, in my case, I had to add the following snippet in Nginx in order to be able to execute script called pub/test.php:

location ~* /test.php {
        fastcgi_pass   fastcgi_backend;

        fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
        fastcgi_param  PHP_VALUE "memory_limit=768M \n max_execution_time=600";
        fastcgi_read_timeout 600s;
        fastcgi_connect_timeout 600s;

        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
}

If this response was helpful to you, consider giving kudos to this post.

If this response solved your problem, click accept as solution to help others solve this issue

If this response was helpful to you, consider giving kudos to this post.
If this response solved your problem, click accept as solution to help others solve this issue

semboku · ‎02-28-2017

Sinisa this worked perfectly, thank you.

semboku · ‎09-04-2017

This seems to have stopped working in version 2.1.7 and 2.1.8. When I go to www.mydomain.com/rest/V1/customers/me I get "Consumer is not authorized to access %resources" even if the user is indeed logged in. Anyone else experiencing this?

semboku · ‎12-09-2017

Yes, it no longer works on Version 2.1.8, if I go to

http://somedomain.com/rest/V1/customers/me

I get this:

<message>Consumer is not authorized to access %resources</message>

</parameters>

</response>

dustin_poissant · ‎04-16-2018

I am getting the same issue, was this ever solved?

buggermenot · ‎05-30-2018

I got the same message. Is there anybody out there that have solutions?

REST API call to get logged in customer ID

REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID

Re: REST API call to get logged in customer ID