Go to docs navigationGo to article contentGo to table of contentsGo to footer navigation
  • Docs
  • Guides
  • Get the skills

  • Centra A-Z
  • Allocation Rule
  • Brand
  • Currency
  • Product Display
  • Inventory
  • Locale
  • Market
  • Order
  • Product
  • Pricelist
  • Promotions
  • Store
  • Tax
  • Warehouse

  • Building a frontend
  • Best Practices
  • Custom Attributes
  • URIs in Centra
  • Wishlists
  • Cross-sell
  • Overselling prevention
  • Lowest price

  • What you can do with it
  • API reference
  • Order flow
  • Vouchers
  • Checkouts
  • reCaptcha
  • How to integrate a Fraud Prevention Solution with Centra
  • Payment flows
  • Payment Providers
  • 100% discounts
  • Gift Certificates
  • Payments
  • Klarna Payments
  • Qliro One
  • External Payment Plugin
  • Adyen Drop-in
  • Klarna Checkout
  • Stripe Payment Intents
  • Stripe Checkout
  • PayPal Commerce
  • Adyen Checkout (deprecated)
  • Shipping
  • Ingrid
  • Ingrid v1

  • Rule
  • Klaviyo
  • Mailchimp
  • Subscriptions
  • Voyado Vouchers
  • Back in stock

  • Centra IPs
  • Centra Webhooks
  • External Tax Engine
  • Tripletex

  • API Documentation
  • Introduction
  • Authorization - Session VS No Session
  • General concepts
  • Product information
  • Shopper Session
  • Customer Management
  • Selection Handling
  • Checkout
  • Captcha protection
  • First interaction to order - Happy Path
  • Migrating to DTC API
  • Introduction
  • Selection
  • Customer
  • Checkout
  • Catalog
  • Migration Table

  • What you can do with it
  • API reference
  • Order flow
  • Vouchers

  • What you can do with it
  • Handling events
  • Using your own ID's
  • Uploading media
  • Example queries for Wholesale
  • Example queries for Direct to Consumer
  • API rate limits
  • Schema
  • Authorization

  • Checkout API/Shop API Swagger
  • API reference
  • Order API
  • What you can do with it
  • Plugin settings
  • Order API reference

  • Checkout API/Shop API Swagger
  • Shop & Checkout API Swagger
  • GraphQL Tools
  • GraphQL schema
  • GraphQL Integration Explorer
  • Postman Collections
  • CollectionsBETA
  • Scripts
  • Centra CheckoutScript
  • DTC API
  • Authorization - Session VS No Session

Authorization - Session VS No Session

Last updated October 21st at 12:46pm

Get the data you need.#

The API is designed to allow you to keep as little state as possible on the frontend.

  • All the mutations affecting the selection will always return the selection and session, allowing you to always be able update your frontend components to reflect the last saved state in Centra. So there's no need for an extra query to refresh your mini cart and session state.

  • All lists return pagination information.

  • DisplayItem.filters reflect which filters are available and which have been applied.

Separation of concerns with session and no session mode#

The DTC API can be configured in two different modes, depending on the use case. Both modes require you to send an Authorization with the Bearer token from the plugin. One plugin can only be configured to operate in one specific mode.

NOTE: When you are querying data using a session scoped token, the data will always be returned based on the current market and price list. Translations of translatable fields will automatically be promoted to the corresponding root field, given that the translation is not empty based on the session language. If you have entered a translation for any value, the translation will always be used for the corresponding language, even if the surrounding entities are not translated (e.g. parent category name is not translated, but child category is - then the translated name for the child category will be used, but the non-translated for the parent category).

When using a no session scoped token this also applies if you apply just one languageCode, market or price list property. This allows you to effectively build a cache using the key or key(s) most suitable for you.

Session mode#

Session mode allows shoppers to perform cart, checkout and post-checkout operations and browse the catalog based on the market, price list and language of the shopper’s session. This mode also allows customers to login. Upon the first request using the bearer token you will receive a new token back for further use for the current shopper. Currently this is the only mode you can use in order to make a purchase. This mode is allowed to be used client-side(*).

(*) Certain fields and operations require you to send an additional shared secret. If a shared secret is provided only server-side, consumption of the API is allowed. The plugin can also be configured to only be allowed to be consumed server-side.

No session mode#

This mode is completely stateless and only exposes data in order for consumers to build their own cache. This mode is only accessible server side, and consuming the API in this mode should only be done in order to populate your cache, not as a means to access all data from a middleware or such.

API’s

  • DTC API
  • Integration API

Docs

  • Centra concepts
  • Crafting frontends
  • Tools

Contact us

  • Become a partner
  • Support center
  • Careers

Guides

  • Frontend
  • Scaling
  • Multichannel
  • App e-commerce

centra.com

  • Direct-to-Consumer
  • Wholesale
  • Migrate to Centra
  • Centra vs. Competitors
  • Webinars & events
  • Case studies
  • Blog & news