sdk-middleware-auth
Middleware to authenticate the request using one of the supported auth flows.
Install
Node.js
npm install --save @commercetools/sdk-middleware-auth
Browser
<script src="https://unpkg.com/@commercetools/sdk-middleware-auth/dist/commercetools-sdk-middleware-auth.umd.min.js"></script>
<script>
// global: CommercetoolsSdkMiddlewareAuth
</script>
createAuthMiddlewareForClientCredentialsFlow(options)
Creates a middleware to handle authentication for the Client Credentials Flow of the commercetools platform API.
Named arguments (options)
host(String): the host of the OAuth API serviceprojectKey(String): the key of the project to assign the default scope tocredentials(Object): the client credentials for authentication (clientId,clientSecret)scopes(Array): a list of scopes (defaultmanage_project:{projectKey}) to assign to the OAuth tokenfetch(Function): Afetchimplementation which can be e.g.node-fetchorunfetchbut also the native browserfetchfunction. Only needs be be passed if not globally available (e.g. throughisomorphic-fetch)
Usage example
import { createClient } from '@commercetools/sdk-client'
import { createAuthMiddlewareForClientCredentialsFlow } from '@commercetools/sdk-middleware-auth'
const client = createClient({
middlewares: [
createAuthMiddlewareForClientCredentialsFlow({
host: 'https://auth.commercetools.com',
projectKey: 'test',
credentials: {
clientId: '123',
clientSecret: 'secret',
},
scopes: ['view_products:test', 'manage_orders:test'],
// Optional if not globally available
fetch,
}),
],
})
createAuthMiddlewareForPasswordFlow(options)
Creates a middleware to handle authentication for the Password Flow of the commercetools platform API.
Named arguments (options)
host(String): the host of the OAuth API serviceprojectKey(String): the key of the project to assign the default scope tocredentials(Object): the client credentials for authentication (clientId,clientSecret,user)The
userfield is an object containingusernameandpassword. Sample belowscopes(Array): a list of scopes to assign to the OAuth token. No default scope is sentfetch(Function): Afetchimplementation which can be e.g.node-fetchorunfetchbut also the native browserfetchfunction. Only needs be be passed if not globally available (e.g. throughisomorphic-fetch)
Usage example
import { createClient } from '@commercetools/sdk-client'
import { createAuthMiddlewareForPasswordFlow } from '@commercetools/sdk-middleware-auth'
const client = createClient({
middlewares: [
createAuthMiddlewareForPasswordFlow({
host: 'https://auth.commercetools.com',
projectKey: 'test',
credentials: {
clientId: '123',
clientSecret: 'secret',
user: {
username: string,
password: string,
},
},
scopes: ['view_products:test', 'manage_orders:test'],
// Optional if not globally available
fetch,
}),
],
})
createAuthMiddlewareForAnonymousSessionFlow(options)
Creates a middleware to handle authentication for the Anonymous Session Flow of the commercetools platform API.
Named arguments (options)
host(String): the host of the OAuth API serviceprojectKey(String): the key of the project to assign the default scope tocredentials(Object): the client credentials for authentication (clientId,clientSecret,anonymousId)scopes(Array): a list of scopes (defaultmanage_project:{projectKey}) to assign to the OAuth tokenfetch(Function): Afetchimplementation which can be e.g.node-fetchorunfetchbut also the native browserfetchfunction. Only needs be be passed if not globally available (e.g. throughisomorphic-fetch)
Usage example
import { createClient } from '@commercetools/sdk-client'
import { createAuthMiddlewareForAnonymousSessionFlow } from '@commercetools/sdk-middleware-auth'
const client = createClient({
middlewares: [
createAuthMiddlewareForAnonymousSessionFlow({
host: 'https://auth.commercetools.com',
projectKey: 'test',
credentials: {
clientId: '123',
clientSecret: 'secret',
anonymousId: 'unique-id-of-customer-not-required',
},
scopes: ['view_products:test', 'manage_orders:test'],
// Optional if not globally available
fetch,
}),
],
})
createAuthMiddlewareForRefreshTokenFlow(options)
Creates a middleware to handle authentication for the Refresh Token Flow of the commercetools platform API.
Named arguments (options)
host(String): the host of the OAuth API serviceprojectKey(String): the key of the project to assign the default scope tocredentials(Object): the client credentials for authentication (clientId,clientSecret)refreshToken(String): refreshToken from the API to use to fetch new token.fetch(Function): Afetchimplementation which can be e.g.node-fetchorunfetchbut also the native browserfetchfunction. Only needs be be passed if not globally available (e.g. throughisomorphic-fetch)
Usage example
import { createClient } from '@commercetools/sdk-client'
import { createAuthMiddlewareForRefreshTokenFlow } from '@commercetools/sdk-middleware-auth'
const client = createClient({
middlewares: [
createAuthMiddlewareForRefreshTokenFlow({
host: 'https://auth.commercetools.com',
projectKey: 'test',
credentials: {
clientId: '123',
clientSecret: 'secret',
},
refreshToken: 'foobar123',
// Optional if not globally available
fetch,
}),
],
})
createAuthMiddlewareWithExistingToken(authorization, options)
Creates a middleware that attaches a provided access token Authorization header.
Named arguments (authorization, options)
authorization (String): the value for the Authorization header. For example, you may pass the scheme "Bearer" ("Bearer 1234") or "Basic" ("Basic 134") and so on, depending on your authentication mechanism.
options is an optional (Object), having the following properties:
force(Boolean): if set to true, existing Authorization header (if any) in the request will be overridden with the supplied access token (Default:true)
import { createClient } from '@commercetools/sdk-client'
import { createAuthMiddlewareWithExistingToken } from '@commercetools/sdk-middleware-auth'
const accessToken = 'my-access-token'
const client = createClient({
middlewares: [
createAuthMiddlewareWithExistingToken(`Bearer ${accessToken}`, {
force: true,
}),
],
})