API Authentication
fabric APIs use System Apps, which employ OpenID Connect’s Client Credential Flow for API authentication.
System App Authentication
System App authentication is the process by which a system application verifies its identity and obtains authorization to access specific APIs or services. System Applications, also called System Apps, are specialized software applications designed to perform automated tasks and system-level functions. System Apps don’t authenticate end-users and aren’t associated with user pools, so these API applications aren’t intended for direct use by shoppers for storefront authentication. System Apps only facilitate secure and efficient system-level interactions with fabric APIs. They are commonly deployed in enterprise contexts, including systems such as Enterprise Resource Planning (ERP), Order Management Systems (OMS), Warehouse Management Systems (WMS) and Storefronts.
A System App uses OpenID Connect to obtain an access token referred to as a system token:
- The System App possesses a unique identifier called a client ID and a confidential client secret.
- To start authentication, the System App sends a request to an authorization server, providing its client ID and client secret.
- If the provided client ID and client secret are valid, the authorization server issues an access token, referred to as a system token, to the System App.
This system token serves as the key for the System App to make authorized requests to APIs or services, representing the system during interactions. System Apps use this token for all subsequent fabric API calls.
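The exchange described above, sketched as an added example (not fabric's own code): a client that sends the client ID and secret to the authorization server, validates the response, and reuses the system token until shortly before it expires. Assumptions: the token URL is a placeholder, the server accepts HTTP Basic client authentication, the response carries the standard `access_token`, `token_type` and `expires_in` fields, and the token is presented as a Bearer header; `SystemTokenProvider`, `build_token_request` and `http_post` are hypothetical names.

```python
import base64, json, time, urllib.parse, urllib.request

# Placeholder endpoint (assumption); use the token URL issued with your System App.
TOKEN_URL = "https://auth.example.invalid/oauth2/token"

def build_token_request(client_id, client_secret):
    """Headers and form body for a client credentials request (RFC 6749, 4.4)."""
    # The secret travels in the Authorization header, never in the URL or body,
    # so it stays out of access logs and request-body captures.
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": "Basic " + basic,
               "Content-Type": "application/x-www-form-urlencoded"}
    return headers, urllib.parse.urlencode({"grant_type": "client_credentials"})

def http_post(url, headers, body):
    """Default transport: POST to the https URL and parse the JSON response."""
    req = urllib.request.Request(url, data=body.encode(), headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class SystemTokenProvider:
    """Fetches a system token and reuses it until shortly before it expires."""
    def __init__(self, client_id, client_secret, transport=http_post,
                 clock=time.time, skew=30):
        self._id, self._secret = client_id, client_secret
        self._transport, self._clock, self._skew = transport, clock, skew
        self._token, self._expires_at = None, 0.0

    def __repr__(self):  # keep the secret and token out of logs and tracebacks
        return f"SystemTokenProvider(client_id={self._id!r}, client_secret=<redacted>)"

    def token(self):
        if self._token and self._clock() < self._expires_at - self._skew:
            return self._token  # cached token is still valid
        headers, body = build_token_request(self._id, self._secret)
        resp = self._transport(TOKEN_URL, headers, body)
        # Assumed response shape: access_token, token_type, expires_in (RFC 6749, 5.1).
        if str(resp.get("token_type", "")).lower() != "bearer" or not resp.get("access_token"):
            raise ValueError("token endpoint returned an unusable response")
        self._token = resp["access_token"]
        self._expires_at = self._clock() + int(resp.get("expires_in", 0))
        return self._token

    def auth_header(self):
        """Header to attach to each subsequent API call (Bearer usage is assumed)."""
        return {"Authorization": "Bearer " + self.token()}
```

Load the client secret from a secrets manager or environment variable at startup rather than committing it to source or configuration files.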