When you log in as an individual user (either a shopper or an internal user such as admin), there is no application key, so you must instead supply the user login and password in the body of the request. The following example illustrates logging in to a shopper account on the storefront server:

POST /ccstore/v1/login HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=password&username=johndoe@example.com&password=g4dEj3w1

The following example shows the server’s JSON response, which includes the access token to be used in subsequent requests:

{
"access_token": "<access_token>",
"token_type": "bearer"
}

To log into the Admin API on the administration server, use an account that has the Administrator role. Issue a POST request to the /ccadmin/v1/login endpoint, and include the username and password in the body of the request. For example:

POST /ccadmin/v1/login HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=password&username=alvinadmin@example.com&password=A3ddj3w

The response includes an access token to use in subsequent requests. Each API you log into returns a separate access token.

Note that account passwords may expire or be changed, so you must make sure you have an up-to-date password when you log in.