Customer Info: How to Get Bearer Token in Magento 2, When you’re working with Magento 2 GraphQL APIs, some data is public (like products or categories), but some — like customer details — require authentication.
To access customer-specific data, you need a bearer token.
In this guide, we’ll walk you through how to generate a bearer token and use it to fetch authenticated customer info in Magento 2.
Customer Info: How to Get Bearer Token in Magento 2
🔑 What is a Bearer Token?
A bearer token is like a key that proves your identity to the Magento server. Once you have it, you can perform actions that require customer login, such as:
- Fetching customer account details
- Managing addresses
- Viewing order history
Without this token, Magento will block access to sensitive customer information.
🛠 How to Get a Bearer Token in Magento 2
To get a bearer token, you need to log in using the customer’s email and password through a GraphQL mutation.
Here’s how:
Step 1: Setup Postman (or any GraphQL client)
Open Postman and create a POST request to your Magento instance:
https://yourdomain.com/graphqlMake sure you set:
- Method: POST
- Headers:
Content-Type:application/json
Step 2: Write the Login Mutation
Use this mutation to get the token:
mutation {
generateCustomerToken(
email: "customer@example.com",
password: "yourpassword123"
) {
token
}
}Step 3: Send the Request
If the credentials are correct, Magento will respond with something like:
{
"data": {
"generateCustomerToken": {
"token": "xyz123abcd456..."
}
}
}
👉 This token is your “bearer token.”
🧩 How to Use the Bearer Token
Now that you have the token, you need to include it in the request headers when calling any protected GraphQL queries.
Add this in your Postman headers:
| Key | Value |
|---|---|
| Authorization | Bearer xyz123abcd456… |
Replace xyz123abcd456... with the actual token you received.
🎯 Example: Fetching Customer Info
Now let’s try fetching basic customer information:
query {
customer {
firstname
lastname
email
}
}
If your token is correct, Magento will return the customer’s profile information.
🚨 Common Issues
- Invalid Credentials: Make sure the email/password are correct.
- Expired Tokens: Bearer tokens may expire after some time or logout.
- Missing Authorization Header: Always set
Authorization: Bearer <your_token>.
✅ Conclusion (Customer Info: How to Get Bearer Token in Magento 2)
Getting a bearer token is the first step when working with authenticated GraphQL queries in Magento 2.
It’s simple, but very important if you’re building customer dashboards, mobile apps, or any system that requires secure user data access.
In the next post, we’ll dive deeper into managing customer addresses via GraphQL. Stay tuned on SB Dev Blog!
Checkout Below post to understand default graphQl in Magento 2.
https://sbdevblog.com/magento-2-default-graphql-queries-explained/
