Customer Login
Authenticate a customer with email and password and receive a Bearer token to use on subsequent customer-scoped requests.
Endpoint
POST /api/shop/customer/loginRequest Headers
| Header | Required | Description |
|---|---|---|
Content-Type | Yes | application/json |
X-STOREFRONT-KEY | Yes | Your storefront API key |
Request Body
json
{
"email": "[email protected]",
"password": "Password123!"
}| Field | Type | Required | Description |
|---|---|---|---|
email | string | Yes | Customer email address |
password | string | Yes | Customer password |
Response Fields (201)
The response is flat — the token is at the top level.
| Field | Type | Description |
|---|---|---|
id / _id | integer | Customer ID |
token | string | Bearer token, format <id>|<secret> — send as Authorization: Bearer <token> |
apiToken | string | Long-lived customer API token |
success | boolean | Whether login succeeded |
message | string | Human-readable result |
Token Usage
Send the returned token on customer-scoped requests:
bash
Authorization: Bearer 3627|DfkAK11F8qdqtaFVJPvBxlJyNbCSMNl8TFWhWm4G5c9660e4Session Management
- Use Verify Token to check validity.
- Use Customer Logout to end the session.

