Current Customer

Identify logged-in customers securely via JavaScript.

Learn more about the current customer API.

For info about API accounts, see our Guide to API Accounts.

For info about authenticating BigCommerce APIs, see Authentication and Example Requests.

Note

  • Substitute your storefront domain for yourstore.example.com.
  • The Send a Test Request feature is not currently supported for this endpoint.

Get Current Customer

GET /customer/current.jwt

Request

Parameters

  • store_domain in path - string
  • app_client_id in query - string - required

    This is your application’s client ID, which is obtained during application registration in the Developer Portal.

Response

Body

object | application/json
  • customer
    object

  • iss
    string

    Indicates the token’s issuer.

    Example: "bc/apps"

  • sub
    string

    The subject of the JWT - same as store_hash.

    Example: "abc123"

  • iat
    integer

    Time when the token was issued. This is a numeric value indicating the number of seconds since the Unix epoch.

    Example: 1480831863

  • exp
    integer

    Time when the token expires. The token usually expires after 15 minutes. This is a numeric value indicating the number of seconds since the Unix epoch.

    Example: 1480832763

  • version
    integer

    Version of the Current Customer JWT.

    Example: 1

  • aud
    string

    The "aud" (audience) claim identifies the recipients that the JWT is intended for. This should match the App Client ID and the application_id.

    Example: "6sv16tfx3j5gsopm42ss5dd67g2srvq"

  • application_id
    string

    The client ID created when the token was generated.

    Example: "6sv16tasdgr2b5hs5dd67g2srvq"

  • store_hash
    string

    The store’s unique identifier on the BigCommerce platform.

  • operation
    string

    Must contain the string “current_customer”.

    Example: "current_customer"
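
A server that receives this token from storefront JavaScript should verify it before trusting the `customer` object. The following Node.js sketch is an added example, not BigCommerce code: it assumes the token is HMAC-signed with the app's client secret (this page does not state the signing algorithm), and `verifyCurrentCustomerJwt`, `makeSampleToken`, the 60-second clock-skew allowance and all sample values are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Assumption (not stated on this page): the token is HMAC-signed with the
// app's client secret. Anything outside this allowlist, e.g. "none", is rejected.
const HMAC_ALGS = new Map([['HS256', 'sha256'], ['HS512', 'sha512']]);
const b64urlJson = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Returns the `customer` claim only if the signature and every claim check pass.
function verifyCurrentCustomerJwt(token, { clientId, clientSecret, storeHash, now = Date.now() / 1000 }) {
  const parts = String(token).trim().split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, payload, sig] = parts;
  const hash = HMAC_ALGS.get(b64urlJson(head).alg);
  if (!hash) throw new Error('unexpected alg');
  const expected = crypto.createHmac(hash, clientSecret).update(`${head}.${payload}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const c = b64urlJson(payload);
  // Claim checks follow the response schema documented above.
  if (c.operation !== 'current_customer') throw new Error('wrong operation');
  if (c.aud !== clientId || c.application_id !== clientId) throw new Error('wrong audience');
  if (c.store_hash !== storeHash || c.sub !== c.store_hash) throw new Error('wrong store');
  if (!Number.isInteger(c.exp) || c.exp <= now) throw new Error('expired');
  // 60 s of clock skew is an assumed tolerance, not a documented value.
  if (!Number.isInteger(c.iat) || c.iat > now + 60) throw new Error('issued in the future');
  return c.customer;
}

// Constructed sample token for the demo; real ones come from /customer/current.jwt.
function makeSampleToken(claims, secret, alg = 'HS256') {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  const body = `${enc({ typ: 'JWT', alg })}.${enc(claims)}`;
  return `${body}.${crypto.createHmac(HMAC_ALGS.get(alg), secret).update(body).digest('base64url')}`;
}

// Constructed claims: timestamps and store hash reuse this page's example values.
const SAMPLE = { customer: { id: 4927 }, iss: 'bc/apps', sub: 'abc123', iat: 1480831863,
  exp: 1480832763, version: 1, aud: 'demo-client-id', application_id: 'demo-client-id',
  store_hash: 'abc123', operation: 'current_customer' };
const demoOpts = { clientId: 'demo-client-id', clientSecret: 'demo-secret',
  storeHash: 'abc123', now: 1480832000 };
console.log(verifyCurrentCustomerJwt(makeSampleToken(SAMPLE, 'demo-secret'), demoOpts));
```

Run the check on the server only; the client secret must never be shipped to the storefront.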
