Get a user access token for the Recommendations API
Learn how to get a user access token to use with the Recommendations API endpoints. To generate the user access token, first encode the user ID and then include it as an assertion.
Use this access token when you are calling the API from the frontend, such as a browser or mobile device.
Before you begin
For this tutorial, you need the following items:
- Your client ID and secret
- The base URL of your assigned Instacart development server
- A Base64 encoder tool to encode the user ID
Create an order
Create an order. For instructions, follow the Implement delivery tutorial in the Fulfillment Guide.
You need the user ID from the Create a Connect user account response to generate the access token that you use with the Recommendations API endpoints. Requests to these endpoints retrieve only the order data associated with this user ID.
Encode the user ID
Use a tool of your choice to encode the user ID in Base64 format. Pass the following JSON snippet to the encoder, substituting the user ID that is associated with the order you created.
{ "user_id": "kamalsingh1234" }
The tool returns an encoded string.
eyAidXNlcl9pZCI6IGthbWFsc2luZ2gxMjM0fQ==
Copy the encoded string. You'll use it in the next step.
Generate a token
To generate the token, use the authentication endpoint. In the body, specify your client ID and secret, the grant type as fulfillment_user_assertion
, and the scope as connect:recommendations
. Paste the encoded string in the assertion
parameter.
curl --request POST \
--url 'https://<instacart_development_domain>/v2/oauth/token' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"grant_type": "fulfillment_user_assertion",
"client_id": "<your_client_id>",
"client_secret": "<your_client_secret>",
"assertion": "eyAidXNlcl9pZCI6IGthbWFsc2luZ2gxMjM0fQ==",
"scope": "connect:recommendations"
}'
The response contains the generated token.
{
"access_token": "2h0E5SCzTNQm69fiFjrMUXcPEopMVODcMPslLClH6Ko",
"token_type": "Bearer",
"expires_in": 86400,
"scope": "connect:recommendations",
"created_at": 1631804913
}
The token is valid for 24 hours. During this period, reuse the same token in your requests. After 24 hours, you must generate a new token.
Related references
- Replacement items
- Complementary items