The Open Commerce API requires that all client applications identify
themselves using a client ID.
You can obtain a client ID in Account Manager as explained in Adding a
client ID for the Open Commerce API. After you obtain an ID, verify
that it is enabled.
Note: You can see a list of all client IDs in your organization by
selecting API Client in the left navigation menu in
Account Manager.
Include the client ID in every API request. It can be passed in several
ways:
- For requests requiring an Authorization:Bearer token, the
client ID is determined from the provided token:
GET https://.../shop/v23_2/baskets
Authorization:Bearer token
- JWT: the client ID is embedded within the token payload
as the 'issuer' claim
- OAuth: the client ID is resolved from the Account
Manager using the token
- You can pass a client ID in the
client_id request
parameter: GET https://example.com/dw/shop/v23_2/products/123456?client_id=[your_own_client_id]
- You can pass a client ID in the
x-dw-client-id
HTTP header: GET https://example.com/dw/shop/v23_2/products/123456
x-dw-client-id:[your_own_client_id]
If more than one mechanism is used to provide a client ID, it is
resolved using the following order of precedence.
- Bearer token
- Request parameter
- HTTP Header
If you do not provide a client ID, the server returns an HTTP status
400 (Bad Request).
Note: Your client ID must be enabled in Account Manager.
Because client IDs are cached for a time before being revalidated, when
you enable or disable a client ID, its status does not change
immediately.