Magento 2 API Get Admin Token

Magento 2 offers API, which allows you to create powerful applications harnessing the power of Magento. Before you can make API an call, you need the authorization to access your Magento store. Admin token based is an excellent method of authorization. In this post, I will instruct you to get an admin token to access the API resource.

Magento API Integration Service by Mageplaza

Connect your store with any 3rd-party software and boost customer experience quickly and efficiently.

Learn more
Magento API Integration service

The API Call Elements

Each step in this post gives the following information which are the elements of the API call:


This section shows the HTTP verbs and the full URL to the endpoint.
A REST call in Magento has a basic structure like this:

<HTTP verb> http://<host>/rest/<scope>/<endpoint>


Element Description
HTTP verb One of GET, POST, PUT, or DELETE
host The hostname or IP address (and optionally, port) of the Magento installation.
scope Specifies which store the call affects. In this tutorial, this value is default.
endpoint The full URI (Uniform Resource Identifier) to the endpoint. These values always start with /V1. For example, /V1/orders/4.

HTTP Headers

This section shows which key/ value pairs you have to specify in the HTTP headers. All calls require one or more HTTP headers.


This section shows the information which is sent to Magento. You can copy and paste payload samples that are all valid into your call. However, you may need to change the id values which Magento returns.


This section shows the information which the REST client receives from Magento. These values are often used in order processing. There may be a difference between the values Magento returns and the values shown in the examples of the tutorial.

Magento 2 extensions

Magento 2 extensions

Allow you to achieve more with your online store

Check it out!

Get The Admin Authorization Token

Most REST calls to Magento require an authorization token. Thanks to the token, Magento can verify that the caller is authorized to access a system resource. To get a token, you need to specify the user’s name and password in the payload.

By default, an admin token is valid for 4 hours. To change this value, please access to your admin panel and navigate to Stores > Settings > Configuration > Services > OAuth > Access Token Expiration > Admin Token Lifetime (hours).


POST <host>/rest/<store_code>/V1/integration/admin/token


Content-Type application/json


  "username": "admin",
  "password": "123123q"


Magento returns the admin’s access token.


You need to specify this token in the authorization header of every call that requires admin permissions.

Verify The Results

Because the tokens are not shown in the admin panel, there are no additional verification steps.


Above are the detailed instructions for getting the admin token to access the Magento 2 API resource. I hope that this article will be helpful for you. If you have any questions or want to give some opinions, feel free to leave a comment below.

Image Description
With over a decade of experience crafting innovative tech solutions for ecommerce businesses built on Magento, Jacker is the mastermind behind our secure and well-functioned extensions. With his expertise in building user-friendly interfaces and robust back-end systems, Mageplaza was able to deliver exceptional Magento solutions and services for over 122K+ customers around the world.