Skip to content

Commit 8d93942

Browse files
DEVDOCS-6188: [update] Login with JWT (#882)
<!-- Ticket number or summary of work --> # [DEVDOCS-6188] ## What changed? Describe the two options for logging in using a JWT ## Release notes draft <!-- Provide an entry for the release notes using simple, conversational language. Don't be too technical. Explain how the change will benefit the merchant and link to the feature. Examples: * The newly-released [X feature] is now available to use. Now, you’ll be able to [perform Y action]. * We're happy to announce [X feature], which can help you [perform Y action]. * [X feature] helps you to create [Y response] using the [Z query parameter]. Now, you can deliver [ex, localized shopping experiences for your customers]. * Fixed a bug in the [X endpoint]. Now the [Y field] will appear when you click [Z option]. --> * ## Anything else? <!-- Add related PRs, salient notes, additional ticket numbers, etc. --> ping {names} [DEVDOCS-6188]: https://bigcommercecloud.atlassian.net/browse/DEVDOCS-6188?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ
1 parent 32bb41b commit 8d93942

File tree

1 file changed

+10
-5
lines changed

1 file changed

+10
-5
lines changed

docs/start/authentication/graphql-storefront.mdx

+10-5
Original file line numberDiff line numberDiff line change
@@ -149,11 +149,16 @@ mutation Login($email: String!, $pass: String!) {
149149

150150
###### Login with a JWT
151151

152-
The second option is to use the `loginWithCustomerLoginJwt` mutation to pass your customer JSON web token instead of the user's email and password. In this scenario, you will generate a JWT that contains key information in the payload for the login to be successful. You will use this JWT in the login mutation to receive a customer access token.
152+
There are two options for logging in using a JWT.
153+
154+
1. Customer Login API
155+
156+
The Customer Login API enables third-party services to securely authenticate a logged-in customer by accepting a signed JWT from BigCommerce. This allows the third party to verify the customer’s identity before granting access to sensitive information. For more details, see the [Customer Login API](/docs/start/authentication/customer-login) article.
157+
158+
2. `loginWithCustomerLoginJwt`
159+
160+
The `loginWithCustomerLoginJwt` mutation allows you to pass a customer JSON web token instead of the user's email and password. A 3rd party signs the JSON web token used. In this scenario, you will generate a JWT that contains key information in the payload for the login to be successful. You will use this JWT in the login mutation to receive a customer access token. For instructions on creating a JWT, see the [Customer Login API](/docs/start/authentication/customer-login) article for instructions.
153161

154-
<Callout type="info">
155-
For information on creating a JWT, see the [Customer Login API](/docs/start/authentication/customer-login) article for instructions.
156-
</Callout>
157162

158163
<Tabs items={['Request', 'Response']}>
159164
<Tab>
@@ -180,7 +185,7 @@ mutation Login($jwt: String!) {
180185
```
181186

182187
```json filename="GraphQL variables" showLineNumbers copy
183-
{"jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI3MjM3Mzc2Y3JiNnJrcTFhY2h3MmdrdTQ2M2FjeGk4IiwiaWF0IjoxNzIwODE0NjgyLCJqdGkiOiJhMDA1OGQ0MC0zNmExLTAxM2ItOTBmNC03ZThiMTE1MDA4YTIiLCJvcGVyYXRpb24iOiJjdXN0b21lcl9sb2dpbiIsInN0b3JlX2hhc2giOiJ3MGFzdGVlOWpvIiwiY3VzdG9tZXJfaWQiOjIyfQ.bfiEpk-IDCqQ4DqpErVCEUUQDjs-vtWxHsEufkUFqMs"
188+
{"jwt": "your_jwt_token"
184189
}
185190
```
186191
</Tab>

0 commit comments

Comments
 (0)