Implicit token

An implicit token is typically used for situations where you are requesting data on the client side and you are exposing your public key. When authenticated implicitly, you can only fetch (GET) data with live status (products, categories, brands, etc).

You will use most likely use an implicit token inside client-side applications, such as JavaScript.

An implicit token can be thought of as a READ ONLY token.

The diagram below illustrates the process flow for authentication for a client-side implicit application and a subsequent request to GET products.

Create an implicit token

POST https://api.moltin.com/oauth/access_token

Request Body

Name	Type	Description
client_id	string	Your client_id
grant_type	string	The grant type, in this case it must be implicit

Name

Type

Description

client_id

string

Your client_id

grant_type

string

The grant type, in this case it must be implicit

{
    "expires": 1524486008,
    "identifier": "client_credentials",
    "expires_in": 3600,
    "access_token": "xa3521ca621113e44eeed9232fa3e54571cb08bc",
    "token_type": "Bearer"
}

curl -X "POST" "https://api.moltin.com/oauth/access_token" \
     -d "client_id=XXXX" \
     -d "grant_type=implicit"

const MoltinGateway = require('@moltin/sdk').gateway

const Moltin = MoltinGateway({
  client_id: 'X'
})

let moltin = Moltin(withClientID: "<your client ID>")

PreviousClient credential token NextCustomer token

Last updated 5 years ago