- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Magento rest API - which type of authentication it use in mobile application in backend
In Magento [2.2.4] web API when i pass username and password then it generates token for that specific customer (Which is only valid for 1 hour - it's configurable from admin)
http://magento.host/index.php/rest/V1/integration/customer/token?username=test.user@test.com&password=test@123
which returns token.
After generating token, when we pass that token in header.
Authorization :: Bearer *Token Value*
http://magento.host/index.php/rest/V1/customers/me
Which returns customer detail's.
In webapi.xml
<route url="/V1/customers/me" method="GET"> <service class="Magento\Customer\Api\CustomerRepositoryInterface" method="getById"/> <resources> <resource ref="self"/> </resources> <data> <parameter name="customerId" force="true">%customer_id%</parameter> </data> </route>
The above case i explained is working fine for webAPI in magento2 which i tested in POSTMAN.
Now the case is,
Every hour regeneration of token and after that login again every hour
is not logical for Mobile Application.
Then how Magento2 manages user login data and authentication in Mobile application, if it is developed API As per Service Contracts
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Magento rest API - which type of authentication it use in mobile application in backend
Hello @aditya_shah
It is for the customer, for admin you can use the same key for all. You need to create integration point for same.
Problem solved? Click Kudos & Accept as Solution!
Sunil Patel
Magento 2 Certified Professional Developer & Frontend Developer