Customer Login
The following is the method for logging in with ZRMZ to obtain an access token for accessing the customer API.
1. Authorization
Request URL
url
GET https://zrmz.app/[shop_id]/loginRequest Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| client_id | String | ✅ | The client ID you received from the CMS. |
| redirect_url | String | ✅ | The URL in your application where users will be sent after authorization. |
| state | String | ❌ | An unguessable random string, used to protect against cross-site request forgery (CSRF) attacks. Strongly recommended. |
Example
url
https://zrmz.app/[shop_id]/login?client_id=0123456789abcdef0123456789abcdef&redirect_url=https://example.com/callback&state=123456Response
| Name | Type | Description |
|---|---|---|
| code | String | A code for acquiring a token. |
| state | String | A random string provided in the request query parameter. |
Example
url
https://example.com/callback?code=idHdjSywe21mTXSlLdDB&state=1234562. Token
url
POST https://api.zrmz.app/api/v1/oauth/tokenRequest Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| grant_type | String | ✅ | Assigns "authorization_code" |
| client_id | String | ✅ | The client ID you received from CMS. |
| client_secret | String | ✅ | The client secret you received from CMS. |
| code | String | ✅ | The code you received in response to the Authorization. |
| redirect_url | String | ✅ | The URL in your application where users are sent after authorization can be used to match against the URL originally provided when the code was issued, helping to prevent attacks against your service. |
Example
json
{
"grant_type": "authorization_code",
"client_id": "0123456789abcdef0123456789abcdef",
"client_secret": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
"code": "idHdjSywe21mTXSlLdDB",
"redirect_url": https://example.com/callback"
}Request Example
sh
curl -X POST 'https://api.zrmz.app/api/v1/oauth/token' \
-H 'Content-Type: application/json' \
-d '{
"grant_type": "authorization_code",
"client_id": "0123456789abcdef0123456789abcdef",
"client_secret": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
"code": "idHdjSywe21mTXSlLdDB",
"redirect_url": https://example.com/callback"
}'Response
| Name | Type | Description |
|---|---|---|
| token | String | An access token for authentication, used for calling the customer API. |
| expired_at | String | Expiration date of the access token. |
Example
json
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3Mjg0NjYyNzYsImV4cCI6MTcyOTA3MTA3NiwiYXVkIjoiZjZlNzYyOGQ1ZTBmYjY2MDRjZTk5NmM0N2U2NTIwMzciLCJpc3MiOiJaUk1aIiwic3ViIjoiT0F1dGgiLCJqdGkiOiJiYjZhMGQ0OS04MzcxLTQ3OWEtYjRmMi0zODNmZTIyMjczNDgifQ.4rILMnCIysPcOjx7kl2eugODnIDCjxyz3KrusndNyoc",
"expired_at": "2024-10-16T09:31:16.535Z"
}