Skip to main content

Authenticate to Partner APIs with client Credentials

This guide will help you to authenticate with fynd partners APIs. Here, you will learn to make API calls to fynd partners APIs without using any external library.

Requirements

  • You’ve registered on the Fynd Partners and have access to any organization.

Step 1: Retrieve client credentials

You can obtain your Client Id and Client Secret from partners panel. Follow the steps outlined below to retrieve the credentials for your organization

  1. Log in to your Fynd Partners account.
  2. Here, if you have access to any organization you will get the screen to select an organization, otherwise it will open Create Organization form.
  3. Select the organization from the organization list, it will open the Fynd Partners Dashboard
  4. Click on the Clients tab in sidebar, which will open APIs & SDKs page
  5. Now, click on the Create Client and create the client by filling necessary details and permissions
  6. Now, you can check your client credentials here

Step 2: Get an access token using client credentials

Now, to make a Partners API call you need a valid access token. You can retrieve access token using your client credentials.

note

An access token obtained through the client credentials flow is limited to accessing data from the single organization associated with the credentials used to generate it.

You need to construct the API call as mentioned below and make a POST request to the /oauth/token endpoint. Include the parameters outlined below in the request body:

URL

https://api.fynd.com/service/panel/authentication/v1.0/organization/{organization_id}/oauth/token
Header nameDescription
AuthorizationIt's a combination of client_id and client_secret {client_id}:{client_secret} base64 string. Pass this token as a Basic ${base64TokenString} in authorization header.

Refer following shell script to convert clientId and clientSecret to base64TokenString

base64TokenString=$(echo -n {clientId}:{clientSecret} | base64)

Request Body

ParameterDescription
grant_typeGrant type to get access token. Here, pass grant_type as client_credentials.

CURL

curl -X POST "https://api.fynd.com/service/panel/authentication/v1.0/organization/{organization_id}/oauth/token" \
    -H "Authorization: Basic base64TokenString" \
    -H 'Content-Type: application/json' \
    -d '{"grant_type":"client_credentials"}'

Response

Upon a successful request, the server will respond with an access token as shown below:

{
    "access_token": "<token>", 
    "token_type": "Bearer",
    "expires_in": "<ttl>",
    "expires_at": "<timestamp>",
    "scope": [ ... ]
}

Step 3: Make authenticated requests to partners APIs

To make authenticated requests to Fynd partners APIs you need to pass an access token (retrieved in step 2) in the authorization header

Authorization: Bearer {access_token}

Example: Authenticated request to platform API

curl -X GET "https://api.fynd.com/service/partner/theme/v1.0/organization/{organization_id}/themes" \
    -H "Authorization: Bearer {access_token}"