BigCommerce API authentication

Mayurkumar Patel
Published in
3 min readApr 25, 2017


Recently I started using BigCommerce. I found very few resources about BigCommerce API authentication so here I am writing step by step process for that. I am using API V3 of BigCommerce.

Step 1: Create Account at BigCommerce

Refer BigCommerce site and create an account using your email address. BigCommerce will refer you as a technical partner.

Step 2: Create an App

You need to create an application at BigCommerce DevTool Site. You should be careful while filling point no 4, Technical Details. Keep following in your mind;

  • Auth Callback URL should be secure i.e. HTTPS
  • You should able to access the server log of that URL. BigCommerce will send you temporary code to that URL. You can get it by server log.

Step 3: Install your App

Now, go to your store admin page. This is the same page you have landed on in step 1 after signup. Go to Apps > My Apps > My Draft App from left side navigator. Find your application there which you have created in above step. Now, You will get a ‘Learn More’ link by hovering a mouse over your app. Click on it. You will get install button, click on it. Then, you will be asked to confirm your installation, confirm it.

Step 4: Get Access Token

You will get a temporary code via your Auth callback URL which you have provided in step 2. You can get useful data from your server log. It includes temporary code, scopes and store hash as a context, may look like this;

Started GET "/?code=d3mb7lnt511jb1zl3o833ojeuy8f9r8&context=stores%2Fnffse6w1bi&scope=store_v2_content+store_v2_customers+store_v2_customers_login+store_v2_default+store_v2_information_read_only+store_v2_marketing+store_v2_orders+store_v2_products+users_basic_information" for at 2016-12-13 14:24:27 +0530
Cannot render console from! Allowed networks:, ::1,
Processing by TreesController#all_trees as HTML
Parameters: {"code"=>"d3mb7lnt511jb1vl3o933ojeuy8f9r9", "context"=>"stores/nlxse6w1bi", "scope"=>"store_v2_content store_v2_customers store_v2_customers_login store_v2_default store_v2_information_read_only store_v2_marketing store_v2_orders store_v2_products users_basic_information"}

I am using my sample rails application and ngrok to receive a call back from BigCommerce. Copy temporary data and paste it somewhere.

Now, use any tool that can send a post request to BigCommerce. I am using Postman for that. Generate the following URL using data from the server log.

This URL includes the following parameters:

  • client_id : The Client ID for your app, obtained during registration.
  • client_secret : The Client Secret for your app, obtained during registration.
  • code : Temporary access code received in the GET request discussed above.
  • scope : List of OAuth scopes received in the GET request discussed above.
  • grant_type : Always use the following: authorization_code.
  • redirect_uri : Must be identical to your registered Auth Callback URI.
  • context : The store hash received in the GET request, in the format: stores/{_store_hash_}

Now make POST request to above URL. You will receive permanent access token in response. It may look like,

"access_token": "luxdeqp1j9dry3kfse3ocn882d4o6yh",
"scope": "store_v2_content store_v2_customers store_v2_customers_login store_v2_default store_v2_information_read_only store_v2_marketing store_v2_orders store_v2_products users_basic_information",
"user": {
"id": 648788,
"username": "",
"email": ""
"context": "stores/nlxse1w1bi"

Additionally, you will need the client id and client secret for some API authentications. To get that go to and find your app. You will find view client id link. By clicking on that you will have pop up which will have client id and client secret.

Step 5: Access APIs

Now you are ready to access BigCommerce APIs. We will access product API as a demo. For that send GET request to,variants with following details as a header.

  • Accept: application/json
  • Authorization: Basic
  • Content-Type: application/json
  • X-Auth-Client: This will be your client id, obtained during registration.
  • X-Auth-Token: Your permanent access token which you obtained in step 4.

Here I am passing ?include=images,variants as an additional parameter to get images and variants information with this API. For more info please refer BigCommerce V3 API Documentation

As a response, you will get whole product information from BigCommerce

If you have queries then I will happy to help you out. Please reach me out at



helping companies to take the stress out of software development and make their business shine.