Ucommerce
  • Ucommerce Next Gen
    • Getting Started
      • Prerequisites
      • Licensing
      • Ucommerce Templates
      • Headless Template
      • MVC Template
    • Headless
      • Postman Collection
      • Headless API Authentication
        • Token endpoint - Authorization Header
        • Authorization Scopes
        • Refreshing the Access Token
      • Reference
        • Cart
        • Cart / Order Line Items
        • Shipment
        • Billing
        • Promotion Codes
        • Price Groups
        • Payment Methods
        • Countries
        • Shipping Methods
        • Catalogs
        • Cart Custom Properties
        • Line Item Custom Properties
        • Orders
        • Views for Cart modifying operations
      • Custom Headless APIs
      • Error Handling
      • Pagination
      • Deprecation
    • Backoffice Authentication
      • Microsoft Entra ID Example
      • Auth0 Authentication Example
    • Definitions
      • What is a Definition
    • Search and indexing
      • Configuration
      • Indexing
        • Index Definitions
        • Facets
        • Indexing Prices
        • Suggestions
        • Custom Data
      • Searching
    • Payment Providers
      • Stripe Provider Integration
      • Implementing a custom payment provider
    • Data Import
    • Miscellaneous
      • Media
      • Price Group Inheritance
      • Price Group Criteria
      • Soft Deletion Of Entities
      • Logging
      • OpenTelemetry
    • Extensions
      • Extending Pipelines
        • Order Processing Pipelines
        • Checkout Pipelines
      • Changing Service Behavior
        • Images
        • Content
      • Custom Headless APIs
      • Extend the Backoffice
        • Custom UI Components
      • Custom Editor UI
      • Custom Promotion Criteria
      • Custom Price Group Criteria
    • How-To
      • Migrate from Classic
        • Common database issues
      • Entities from code
        • Bootstrapping data on startup
        • Product Definitions & Fields
      • Discover pipelines and their tasks
      • Executing a pipeline
    • Integrations
      • Umbraco Media Delivery API
      • App Slices
        • Product Picker
  • Release Notes
  • Contact Us
Powered by GitBook
On this page

Was this helpful?

  1. Ucommerce Next Gen
  2. Headless
  3. Headless API Authentication

Token endpoint - Authorization Header

The /api/v1/oauth/token endpoint uses the Basic HTTP Authentication scheme (as defined in rfc7617).

The format for the header is: Basic : <credentials encoded as base64>. A step-by-step to formatting in .NET:

  • Take the clientId and the secret and format them as delimited by a colon (:)

string credentials = $"{clientId}:{clientSecret}";

  • Next, encode this string as a base64 string

byte[] credentialsByteData = Encoding.GetEncoding("iso-8859-1").GetBytes(credentials);
string base64Credentials = Convert.ToBase64String(credentialsByteData);

  • Lastly, format it to include the "Basic" keyword, followed by the now encoded credentials:

return $"Basic {base64Credentials}";

Put together in a method that can be reused for both token and refresh token requests:

public string GenerateBasicAuthorizationHeaderValue(string clientId, string clientSecret)
{
    string credentials = $"{clientId}:{clientSecret}";
    byte[] credentialsByteData = Encoding.GetEncoding("iso-8859-1").GetBytes(credentials);
    string base64Credentials = Convert.ToBase64String(credentialsByteData);
    return $"Basic {base64Credentials}";
}

PreviousHeadless API AuthenticationNextAuthorization Scopes

Last updated 1 year ago

Was this helpful?