For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Dev Portal
DocsAPI ReferenceLearnCommunityChangelog
DocsAPI ReferenceLearnCommunityChangelog
    • About Our APIs
  • REST
    • Overview
      • Overview
      • Storefront
          • Authentication
            • POSTGet Storefront authToken Within Stencil
            • POSTGet Storefront authToken for Specific Customer
          • Catalog
          • Company
          • Orders
          • Request for Quote
          • Sales Rep
          • Shopping List
          • Store Settings
      • Management
  • GraphQL
    • Overview
  • MCP
    • Overview
Dev Portal
LogoLogo
RESTB2BStorefront

Authentication

Requests to the B2B Edition Storefront API are either anonymous or authenticated, depending on whether or not it requires access to a Company user’s data.

For example, you can create a Company account anonymously because the action can be performed by a shopper without a user account, but creating a Shopping List must be authenticated since the action is tied to a particular Company account and user.

The B2B Edition Storefront API includes endpoints to generate an authToken with or without specifying an existing Company user. Use the appropriate endpoint to authenticate your requests to Storefront REST APIs and Storefront GraphQL APIs. Note that storefront authTokens expire after 1 day.

The BigCommerce GraphQL Storefront API requires different authentication tokens for client- and server-side contexts. With the B2B GraphQL API, authentication tokens are always in the context of a specific user, and they don’t rely on storefront cookies.

As a result, these can be used in a client-side and server-side context. This means that you don’t have to change your authentication strategy for requests from the client or a server.

While the Storefront authentication endpoints can be used in either experience, it is best practice to get storefront authTokens via the GraphQL login and authorization mutations if you are developing on the Buyer Portal experience.

The legacy Stencil storefront experience is built to use Storefront endpoints instead of GraphQL mutations, but it can also use GraphQL for authentication-based customizations. For more information on GraphQL structure and usage, see the GraphQL Playground.

Was this page helpful?
Previous

Storefront

Next

Get Storefront authToken Within Stencil

Built with