Help Center
Magento 2 Integration Token Setup Guide
Overview
This guide walks you through creating a Magento 2 Integration Token that provides read-only API access to your product catalog, categories, pages, and inventory data.
Prerequisites
-
✅ Access to Magento Admin Panel
-
✅ Administrator or sufficient user permissions
-
✅ Store URL: <https://www.yourstore.com>
Step 1: Access Integrations
-
Login to your Magento Admin Panel
-
Navigate to: System → Extensions → Integrations
-
Click the “Add New Integration” button
Step 2: Configure Basic Information
Fill in the integration details:
|
Field |
Value |
|---|---|
|
Name |
ExpertRec Search Integration |
|
|
Your admin email address |
|
Your Password |
Your Magento admin password |
|
Callback URL |
Leave blank |
|
Identity Link URL |
Leave blank |
Note: The password is required to authorize the integration creation.
Step 3: Set API Permissions
Configure Resource Access
-
Click on the “API” tab
-
Under “Resource Access”, select “Custom”
-
Enable the following permissions:
Required Permissions Checklist
- Catalog
✅ Inventory
✅ Products
✅ Categories - Content
✅ Elements
✅ Pages - Stores (or Inventory section)
✅ Inventory
✅ Sources - Attributes
✅ Product
✅ Attribute Set
✅ Ratings
✅ Swatches
💡 Tip: If unsure about specific permissions, you can select “All” under Resource Access for simplicity. This provides read-only access to all API endpoints.
Step 4: Save and Activate
-
Click the “Save” button
-
Locate the newly created integration in the list
-
Click “Activate” in the integration row
-
A popup window will appear displaying your credentials
Step 5: Copy Credentials
From the activation popup, you’ll see four credentials. Copy and save the following:
|
Credential |
Required |
Description |
|---|---|---|
|
Consumer Key |
❌ |
Not needed for this integration |
|
Consumer Secret |
❌ |
Not needed for this integration |
|
Access Token |
✅ |
THIS IS WHAT YOU NEED |
|
Access Token Secret |
❌ |
Not needed for this integration |
⚠️ Important: The Access Token is a long alphanumeric string (e.g., 2eeagy01kxr86d6zpsbu6uadqlrysu7j). Copy it immediately as it won’t be shown again.
Step 6: Provide Credentials to ExpertRec
Send the following information to your ExpertRec contact:
store_url": https://www.yourstore.com
access_token": [paste your access token here]Example:
store_url": https://www.yourstore.com
access_token": "23e0eagy01kxr86d6zpsbu6uadqlry7jSecurity Considerations
|
Aspect |
Details |
|---|---|
|
Access Type |
Read-only API access |
|
Data Accessed |
Products, categories, pages, inventory, attributes |
|
Data NOT Accessed |
Orders, customers, payment information |
|
Revocation |
Can be deactivated anytime from Magento Admin |
|
Token Storage |
Store securely – treat like a password |
🔒 Security Note: This token provides read-only access only. ExpertRec cannot modify products, orders, or customer data.
Verification
To verify the integration is working, test the following API endpoints:
1. Products API
curl -g -X GET "https://www.yourstore.com/rest/V1/products?searchCriteria[pageSize]=1" \
-H "Authorization: Bearer [YOUR_TOKEN]" \
-H "Content-Type: application/json"2. Categories API
curl -g -X GET "https://www.yourstore.com/rest/V1/categories" \
-H "Authorization: Bearer [YOUR_TOKEN]" \
-H "Content-Type: application/json"Expected Response
Both commands should return JSON data (not errors). If you see 401 Unauthorized, the token is invalid. If you see 403 Forbidden, permissions are not set correctly.
Troubleshooting
|
Issue |
Solution |
|---|---|
|
401 Unauthorized |
Token is invalid or expired. Regenerate the integration token. |
|
403 Forbidden |
API permissions not set correctly. Review Step 3 and ensure all required permissions are checked. |
|
404 Not Found |
API endpoint URL is incorrect. Verify your store URL. |
|
Empty Response |
API is working but no data found. Check if products exist in catalog. |
Managing the Integration
View Integration Details
-
Navigate to: System → Extensions → Integrations
-
Find ExpertRec Search Integration
-
Click Edit to view or modify
Deactivate Integration
-
Navigate to: System → Extensions → Integrations
-
Find ExpertRec Search Integration
-
Click Deactivate to revoke API access
Delete Integration
-
Navigate to: System → Extensions → Integrations
-
Find ExpertRec Search Integration
-
Click Delete to permanently remove
API Endpoints Used
The integration enables access to the following Magento REST API endpoints:
|
Endpoint |
Purpose |
|---|---|
|
/rest/V1/products |
Fetch product catalog with attributes |
|
/rest/V1/categories |
Fetch category tree structure |
|
/rest/V1/cmsPage/search |
Fetch CMS pages content |
|
/rest/V1/inventory/source-items |
Fetch stock quantities and status |
|
/rest/V1/products/attributes/{code} |
Fetch attribute metadata for mapping |
