Current Customer
Identify signed-in customers securely by requesting and decoding a BigCommerce-generated JWT.
Authentication
Authentication consist of two parts; first, send the client ID of an app-level API account as a query parameter with your request. No scopes are required. When you receive a response, use the same API account's client secret to decode the JWT that BigCommerce returns.
Learn more about the Current Customer API.
For info about API accounts, see our Guide to API accounts.
For info about authenticating BigCommerce APIs, see Authentication and example requests.
Note
- Substitute your storefront domain for
yourstore.example.com
.- The Send a Test Request feature is not currently supported for this endpoint.
Get Current Customer
GET https://yourstore.example.com/customer/current.jwtRequest
Parameters
- store_domain in path - string
- Accept in header with default of application/json - stringrequiredThe MIME type of the response body.
- app_client_id in query - stringrequiredThis is the client ID of an app-level API account you generate when you create an app in the Developer Portal.
example
Response
A JWT to decode using the client secret that corresponds with the app client ID you sent as a query parameter.
After you decode the JWT, the payload resembles the following:
{
"customer": {
"id": 4927,
"email": "john.doe@gmail.com",
"group_id": "6",
},
"iss": "bc/apps",
"sub": "abc123",
"iat": 1480831863,
"exp": 1480832763,
"version": 1,
"aud": "6sv16tfx3j5gsopm42ss5dd67g2srvq",
"application_id": "6sv16tasdgr2b5hs5dd67g2srvq",
"store_hash": "abc123",
"operation": "current_customer"
}
Body
example
See something you can improve? Edit this file on GitHub