Five New Optimizely Certifications are Here! Validate your expertise and advance your career with our latest certification exams. Click here to find out more

AI OnAI Off

How to implement a guest customized commerce journey using Optimizely OpenIDConnect anonymous flow?

Taher.elhares
Taher.elhares
Vote:
 

Hello, I am currently working on implementing a guest user journey using grant type anonymous flow. The guest user should be able to add items to his cart and checkout. However, I am facing an issue with the anonymous flow; everytime I request an anonymous token using api/episerver/connect/token/anonymous everything that has been created or added items to the cart with that token won't work on a new one.

I have noticed that my token only lasts for an hour and no refresh token is returned. is there a way to be able to refresh this token or any way to keep the cart data if it expires?

I am open to any suggestions.

Thanks in advance.

 services.AddOpenIDConnect<SiteUser>(
               useDevelopmentCertificate: true,
               signingCertificate: null,
               encryptionCertificate: null,
               createSchema: true,
               options =>
               {

                   var application = new OpenIDConnectApplication()
                   {
                       ClientId = "postman-client",
                       ClientSecret = "postman",
                       Scopes = {
                        "openid",
                        "offline_access",
                        "profile",
                        "email",
                        "roles",
                        "anonymous_id",
                        ContentDeliveryApiOptionsDefaults.Scope,
                        CommerceApiOptionsDefaults.Scope
                       }
                   };
                   application.RedirectUris.Add(new Uri("https://oauth.pstmn.io/v1/callback"));
                   options.Applications.Add(application);
                   options.AllowResourceOwnerPasswordFlow = true;
                   options.AllowAnonymousFlow = true;
               });
#307155
Edited, Aug 20, 2023 12:11
Mark Hall
Mark Hall
Vote:
 

You can pass it in anonymous_id in the url and it will use that as id when it gets to the token.  You can store the anonymous_id in a cookie and resend when you need to refresh,

#307219
Aug 21, 2023 16:20
Taher.elhares - Aug 22, 2023 6:59
Could you please elaborate on this with an example if possible?

Thanks in advance.
Mark Hall
Mark Hall
Vote:
  
 const res = await fetch(`${Config.BASE_URL}api/episerver/connect/token/anonymous`, {
            method: 'POST',
            headers: {
                "Content-Type": "application/x-www-form-urlencoded",
            },
            body: qs.stringify({
                grant_type: "anonymous",
                client_id: "frontend",
                scope: "anonymous_id",
                anonymous_id: "4f6ba206-55df-4e0c-8e4e-6f4192631ee4"
            }),
        })
        const data = await res.json();
#307295
Aug 22, 2023 14:31
Taher.elhares - Aug 23, 2023 6:45
Thanks, but could you please you tell me how do I get the anonymous_id so that I could send it?
Mark Hall - Aug 23, 2023 23:13
You would need to create an identifier in your JavaScript application and store in cookie to be reused. You can create ID in JS like so https://www.geeksforgeeks.org/how-to-create-a-guid-uuid-in-javascript/#
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.