Get a user access token for the Recommendations API

Learn how to get a user access token to use with the Recommendations API endpoints. To generate the user access token, first encode the user ID and then include it as an assertion.

info

Use this access token when you are calling the API from the frontend, such as a browser or mobile device.

1. Before you begin
2. Create an order
3. Encode the user ID
4. Generate a token

Before you begin

For this tutorial, you need the following items:

• Your client ID and secret
• The base URL of your assigned Instacart development server
• A Base64 encoder tool to encode the user ID

Create an order

Create an order. For instructions, follow the Implement delivery tutorial in the Fulfillment Guide.

You need the user ID from the Create a Connect user account response to generate the access token that you use with the Recommendations API endpoints. Requests to these endpoints retrieve only the order data associated with this user ID.

Encode the user ID

Use a tool of your choice to encode the user ID in Base64 format. Pass the following JSON snippet to the encoder, substituting the user ID that is associated with the order you created.

{ "user_id": "kamalsingh1234" }

The tool returns an encoded string.

eyAidXNlcl9pZCI6IGthbWFsc2luZ2gxMjM0fQ==

Copy the encoded string. You'll use it in the next step.

Generate a token

To generate the token, use the authentication endpoint. In the body, specify your client ID and secret, the grant type as fulfillment_user_assertion, and the scope as connect:recommendations. Paste the encoded string in the assertion parameter.

curl --request POST \
  --url 'https://<instacart_development_domain>/v2/oauth/token' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{
    "grant_type": "fulfillment_user_assertion",
    "client_id": "<your_client_id>",
    "client_secret": "<your_client_secret>",
    "assertion": "eyAidXNlcl9pZCI6IGthbWFsc2luZ2gxMjM0fQ==",
    "scope": "connect:recommendations"
}'

The response contains the generated token.

{
  "access_token": "2h0E5SCzTNQm69fiFjrMUXcPEopMVODcMPslLClH6Ko",
  "token_type": "Bearer",
  "expires_in": 86400,
  "scope": "connect:recommendations",
  "created_at": 1631804913
}

note

The token is valid for 24 hours. During this period, reuse the same token in your requests. After 24 hours, you must generate a new token.

Related references

• Replacement items
  • Find replacement items
  • Find replacement items for an order
• Complementary items
  • Find complementary items
  • Find complementary items for an order