openapi: 3.0.1 info: title: BigCommerce Customer Login (SSO) description: >- Enable single sign-on for shoppers on BigCommerce hosted storefronts. [Learn more about the customer login API](/docs/start/authentication/customer-login). For info about API accounts, see our [Guide to API Accounts](/docs/start/authentication/api-accounts). For info about authenticating BigCommerce APIs, see [Authentication and Example Requests](/docs/start/authentication#user-generated-jwts). termsOfService: https://www.bigcommerce.com/terms contact: name: BigCommerce url: https://www.bigcommerce.com email: support@bigcommerce.com version: '' servers: - url: https://{store_domain} variables: store_domain: default: your_store.example.com description: >- The [URL authority](https://developer.mozilla.org/en-US/docs/Learn/Common_questions/Web_mechanics/What_is_a_URL#authority) of the storefront. tags: - name: Login Token paths: /login/token/{jwt_token}: get: tags: - Login Token summary: BigCommerce Login Token operationId: getCustomerLogin description: >- The customer login access point URL. [Learn more about the Customer Login API](/docs/start/authentication/customer-login). ## Example ``` https://yourstore.example.com/login/token/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ7Y2xpZW50X2lkfSIsImlhdCI6MTUzNTM5MzExMywianRpIjoie3V1aWR9Iiwib3BlcmF0aW9uIjoiY3VzdG9tZXJfbG9naW4iLCJzdG9yZV9oYXNoIjoie3N0b3JlX2hhc2h9IiwiY3VzdG9tZXJfaWQiOjJ9.J-fAtbjRFGdLsT744DhoprFEDqIfVq72HbDzrbFy6Is ``` parameters: - name: jwt_token in: path required: true schema: type: string responses: '200': description: OK content: '*/*': schema: type: object components: schemas: customerLoginSSO: title: Customer Login SSO type: object properties: iss: type: string description: >- Indicates the token’s issuer. This is your application’s client ID, which is obtained during application registration in Developer Portal. example: '"1234r5t6y7u8i9o0p"' iat: type: integer description: >- Time when the token was generated. This is a numeric value indicating the number of seconds since the [Unix epoch](https://en.wikipedia.org/wiki/Unix_time). example: 1535393113 jti: type: string description: >- Request ID string that must be unique across all requests made by your app. A UUID or other random string would be an appropriate value. Most libraries contain a method for generating a uuid. For testing a [UUID generator](https://www.uuidgenerator.net/) can be used, but it recommended to use built in libraries. example: '"20b7c03e-00da-4d29-91bf-2aa06a57575b"' operation: type: string description: Must contain the string “customer_login”. example: '"customer_login"' store_hash: type: string description: | Store hash identifying the store you are logging into. example: '"abc123"' customer_id: type: integer description: > ID of the customer you are logging in, as obtained through the Customer API. example: 2 redirect_to: type: string description: > Optional field containing a relative path for the shopper’s destination after login. Will default to `/account.php`. default: /account.php request_ip: type: string description: > **(Optional)** Field containing the expected IP address for the request. If provided, BigCommerce will check that it matches the browser trying to log in. If there is not a match, it will be rejected. example: '"111.222.333.444"' x-internal: false