Store access token
Store access token
The store access token is the credential you use to call Ecart API on behalf of a connected store. You receive it in the redirect URL after a customer integrates their store (see Store authentication and OAuth 2.0).
Where to find it
| Source | How |
|---|---|
| From the redirect | After integration, the access_token is sent as a query parameter to your Redirect URL. Validate the request (e.g. with ecartapi_key) and then save the token. |
| From the dashboard | You can also retrieve the access token later from My Apps by opening the store details for that customer's store. |
Saving the token
We recommend saving the store access token in your database and linking it to your customer, so you know which stores belong to which customers. That way you can use the correct token when making API requests on their behalf.
Using the token
Use the access token as Bearer token in the Authorization header when calling Ecart API:
Authorization: Bearer <store_access_token>Recap: Save the token per customer → use it as
Authorization: Bearer <token>for all API versions. See API endpoints for base URL and version details.
All three API versions (v1, v2, v3) use the same Bearer token.
Updated 30 days ago