Broadleaf Microservices
  • v1.0.0-latest-prod

Authenticating an Account User

In order to access account features, an account JWT must be used. This requires issuing a new token with the user’s account permissions.

Account users are authenticated identically to non-account users. The only difference is that an additional parameter, accountId, is passed to the /token endpoint with the desired account ID.

Be aware that if a user has selected a preferred account, they will always be authenticated for that account by default, even if no accountId parameter is supplied to the token endpoint. For that user to be authenticated for their personal account, accountId=PERSONAL (case-sensitive) must be passed as a parameter to the token endpoint.

See the auth documentation on authorization for information on retrieving an access token.
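
The following is an added example, not Broadleaf code: a client-side helper that sets accountId explicitly on every token request, so the account context of the issued token never depends on the user's stored preferred account. The function names and the shape of the target object are assumptions; all other token request parameters are whatever the auth documentation requires and are passed through unchanged.

```javascript
// Added example: hypothetical client helper, not part of Broadleaf.
const PERSONAL = "PERSONAL"; // sentinel value from this page; case-sensitive

// Resolve the accountId value to send. `target` (hypothetical shape) is
// either { personal: true } or { accountId: "<account id>" }.
function resolveAccountId(target) {
  if (target && target.personal === true) return PERSONAL;
  const id = target && target.accountId;
  if (typeof id !== "string" || id.trim() === "") {
    // Omitting accountId would silently fall back to the preferred account.
    throw new Error("an explicit account target is required");
  }
  // "personal", "Personal", etc. are not the sentinel. Refuse instead of
  // sending a value the server will not treat as the personal account.
  if (id !== PERSONAL && id.toUpperCase() === PERSONAL) {
    throw new Error("accountId sentinel is case-sensitive: use PERSONAL");
  }
  return id;
}

// Return a copy of the caller's token request parameters carrying exactly
// one accountId. `baseParams` is anything URLSearchParams accepts.
function withAccountId(baseParams, target) {
  const params = new URLSearchParams(baseParams);
  params.delete("accountId"); // drop stale or duplicated values
  params.set("accountId", resolveAccountId(target));
  return params;
}
```

The returned parameters can be sent to the /token endpoint in place of the original ones; a request built without a target fails on the client instead of yielding a token for whichever account the user last marked as preferred.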