Dev Center
Dev Center
API Docs
API Reference
Theme Docs
Tools
Library
Blog
Changelog
My Apps
Create Account
No results found.
Getting Started
Quick Start
About Our APIs
Authenticating BigCommerce APIs
V2 and V3 REST API Authentication
Filtering
Best Practices
API Status Codes
Webhooks
Building Apps
Quick Start
Guide
Partner Information
Becoming A Partner
Catalog
Overview
Currencies
Pricing Order
reference
Price Lists
Channels
Overview
Building Channel Apps
Extending Existing Apps
Channel App Best Practices
Channel App Requirements
Channels Toolkit Reference
Store Management
Shipping
Customers & Subscribers
Overview
Customer Login API
Current Customer API
Passwordless Login
Storefront
GraphQL
new
Scripts
Widgets
Cart and Checkout
Overview
Working with Storefront APIs
tutorial
Checkout SDK
Add to Cart URLs
Embedded Checkout
Headless Commerce
GUIDE
Payments
Payments API
Orders
Overview
Orders
Order Refunds

Authentication

BigCommerce has five different APIs that let you manage store data, log in customers, make client-side queries for product information, and more. Each requires a different method for authentication.

REST APIs

Requests to BigCommerce’s V2 and V3 REST APIs require both an OAuth Client ID and Access Token be passed in the header. See Obtaining Store API Credentials for instructions on generating these credentials.

Storefront API

The Storefront API is unauthenticated, allowing you to make client-side requests for carts, checkouts and orders using Javascript.

GraphQL Storefront API

There are two ways to authenticate with the GraphQL API:

  1. Via a Storefront API token passed in your request’s header
  2. Passing a Simple Token from within a Stencil theme in your request’s header

For more details, see GraphQL API Authentication.

Customer Login API

The Customer Login API requires authentication via a JWT token and your app’s OAuth Client ID.

For details, see Customer Login API.

Current Customer API

Your application’s Client ID must be included in the request to the Current Customer API to receive a response. For details, see Current Customer API.