Virtual Happy Hour this month, Jun 28, we'll be getting a sneak preview at our soon to launch SaaS CMS!

Try our conversational search powered by Generative AI!

How to implement a guest customized commerce journey using Optimizely OpenIDConnect anonymous flow?


Hello, I am currently working on implementing a guest user journey using grant type anonymous flow. The guest user should be able to add items to his cart and checkout. However, I am facing an issue with the anonymous flow; everytime I request an anonymous token using api/episerver/connect/token/anonymous everything that has been created or added items to the cart with that token won't work on a new one.

I have noticed that my token only lasts for an hour and no refresh token is returned. is there a way to be able to refresh this token or any way to keep the cart data if it expires?

I am open to any suggestions.

Thanks in advance.

               useDevelopmentCertificate: true,
               signingCertificate: null,
               encryptionCertificate: null,
               createSchema: true,
               options =>

                   var application = new OpenIDConnectApplication()
                       ClientId = "postman-client",
                       ClientSecret = "postman",
                       Scopes = {
                   application.RedirectUris.Add(new Uri(""));
                   options.AllowResourceOwnerPasswordFlow = true;
                   options.AllowAnonymousFlow = true;
Edited, Aug 20, 2023 12:11

You can pass it in anonymous_id in the url and it will use that as id when it gets to the token.  You can store the anonymous_id in a cookie and resend when you need to refresh,

Aug 21, 2023 16:20
Taher.elhares - Aug 22, 2023 6:59
Could you please elaborate on this with an example if possible?

Thanks in advance.
 const res = await fetch(`${Config.BASE_URL}api/episerver/connect/token/anonymous`, {
            method: 'POST',
            headers: {
                "Content-Type": "application/x-www-form-urlencoded",
            body: qs.stringify({
                grant_type: "anonymous",
                client_id: "frontend",
                scope: "anonymous_id",
                anonymous_id: "4f6ba206-55df-4e0c-8e4e-6f4192631ee4"
        const data = await res.json();
Aug 22, 2023 14:31
Taher.elhares - Aug 23, 2023 6:45
Thanks, but could you please you tell me how do I get the anonymous_id so that I could send it?
Mark Hall - Aug 23, 2023 23:13
You would need to create an identifier in your JavaScript application and store in cookie to be reused. You can create ID in JS like so
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.