An integration named Marketing is created on the Adobe Commerce instance. The integration has access on Magento_Customer:: customer resources and the access token is xxxxxx.
How would the rest API be called to search the customers?
A.
Using the integration access token as Bearer:
curl -X GET https://magentourl/rest/Vl/customers/search?searchCriteria... -H 'Authorization: Bearer XXXXXX'
B.
Passing integration name and access token as http auth credentials:
curl -X GET https ://Marketing:XXXXXX(Slmagentourl/rest/Vl/customers/search?5earchCriteria . . .
Using integration name as username and access token as password, get the admin token (yyyyyy) via:
curl -X POST https://magentourl/rest/Vl/integration/admin/token -d '{"username":"Marketing", "pas
C.
Type: application/json'
Use the admin token as Bearer
curl -X GET https://magentourl/rest/Vl/customers/search?searchCriteria... -H 'Authorization: Bearer YYYYYY'
When using an integration token to access Magento’s REST API, you can authenticate requests by including the token in the Authorization header as a Bearer token. This allows the system to recognize the permissions assigned to the integration and grant access to the specified resources.
Using the Access Token as Bearer Token:
In Magento, integration tokens are treated as Bearer tokens for API authentication. Once the token is generated, you can directly use it in the Authorization header.
The access token XXXXXX will provide access to resources allowed by the Magento_Customer::customer permission.
Why Option A is Correct:
Option A shows the correct way to authenticate an API call using a pre-existing integration token by setting the header Authorization: Bearer XXXXXX. This is a straightforward way to search for customers without additional steps.
Options B and C describe methods that are not necessary for this scenario. The access token already has the necessary permissions, so there’s no need to re-authenticate or obtain an admin token.
Example Command:
curl -X GET "https://magentourl/rest/V1/customers/search?searchCriteria[filterGroups][0] [filters][0][field]=email&searchCriteria[filterGroups][0][filters][0][value]=example@example.com" -H "Authorization: Bearer XXXXXX"
[References:, , Adobe Commerce REST API documentation on Authentication, Magento Integration Tokens Guide on Using Tokens, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit