Developer API

An API provides a way for the Magento solution and technical partners to utilise Login module’s tokenisation system to generate secure login links as well as validating the the links as customers arrive back to the site from email link.

Client side API

AuthenticationManagementInterface API provides methods like

  • createToken to create a token from customer email and return a TokenInterface
  • The TokenInterface can then be used with tokenizeUrl method to generate a secure login link (string), which can be sent to the customer via an email
  • Optionally sendOtp could be utilised for full login experience (create token + generated link + send email) and redirect the customer to a custom (next) URL eventually.

TokenRepositoryInterface API provides methods like getCustomerTokens and getActiveToken, provide an easy way add validation to your own custom controllers

Server side API

A REST API is available for those developers who want to generate a login URL from an external platform. If the generated URL is then presented to the user and they follow it, they will be logged into Magento.

Required parameters to create a token:

  1. Customer email
  2. Store ID
  3. Token expiry (in minutes)
Create token request

Method: POST
REST URL: /rest/V1/otp/createToken

Request payload (JSON)
{"email": "[email protected]", "storeId": "1", "expiry": 5}

Response payload (JSON)
{"token":"B6uiladd2569hikvf6vcphh8FixchO7T" ... }

The token value can be taken from response payload and used create an URL that points to OTP auth controller. Like this:
URL: https://<host>/customer/otp/auth/token/<token>/

Create tokenised authentication URL

If URL generation is manually not possible, then OTP API can be used to create an URL as well, this is mostly useful with multiple stores.

Method: POST
REST URL: /rest/V1/otp/createUrl

Request payload (JSON)
{"path": "customer/otp/auth", "token": <token>}

Please note that <token> is the exact response value from “Create token request”

Response payload (string)