Magento Rest API to fetch admin token credentials to use tokens for other REST APIs as Authorization Bearer.
From Magento 2.4+, the Two Factor Authentication Module is available for security reasons.
If you try for the first time to generate Admin Token by REST API and you will face an error in a response like below, You have authenticated Google 2FA for security reasons.
{
"message": "Please use the 2fa provider-specific endpoints to obtain a token.",
"parameters": {
"active_providers": [
"google"
]
}
}
You can generate an admin access token in an alternative way,
Action: POST
URL: <BASE_URL>/rest/V1/tfa/provider/google/authenticate (Replace your actual URL with BASE_URL)
Body:
{
"username":"rakesh", "password":"MyPassword", "otp":"<SIX_DIGIT_OTP_CODE_FROM_GOOGLE_AUTHENICATOR_APP>"
}
In the Payload, You need to pass your admin username/password with the respective field.
- username Your Magento Admin user
- password Your Magento Admin password
- otp value will be a six-digit code from the Google Authenticator Mobile Apps.
Response:
eyJraWQiOiIxIiaiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOjkzLCJ1dHlwaWQiOjIsImlhdCI6MTY3NTQxMTY1OCwiZXhwIjoxNjc1NDE1MjU4fQ._E0DcCuZyG8HnCPUprl21-KYxqPfBxV4vj0y7O8Pfvw
The Response comes from the TFA provider REST API will be used to other APIs with Header.
Authorization Bearer <ACCESS_TOKEN> While Replace ACCESS_TOKEN from the response string value.