After July 2021, the 2.3.x release line will no longer receive quality updates, or user guide updates. PHP 7.3 reaches end of support in December 2021 and Adobe Commerce 2.3.x reaches end of support in September 2022. We strongly recommend planning your upgrade now to Adobe Commerce 2.4.x to help maintain PCI compliance.


The information on this page is intended for Adobe Commerce 2.3 customers who are on an extended support contract. The Adobe Commerce Merchant Documentation for current releases is published on the Adobe Experience League.

Establishes the location of OAuth credentials and redirect URL for third-party integrations, and identifies the available API resources that are needed for the integration.

Integrations Integrations

Onboarding workflow

  1. Authorize the integration - Go to the System > Extensions > Integrations screen, find the relevant integration, and authorize.
  2. Verify and establish login - When prompted, accept the access requested. If redirected to a third-party, log in to the system, or create a new account. After a successful login, you return to the integration page.
  3. Receive confirmation of authorized integration - The system sends notification that the integration has been authorized successfully. After setting up an integration and receiving the credentials, it is no longer necessary to make calls to access or request tokens.

Add a new integration

  1. On the Admin sidebar, go to System > Extensions > Integrations.

  2. Enter the following Integration Info:

    • Enter the Name of the integration and the contact Email address.

    • Enter the Callback URL where OAuth credentials can be sent when using OAuth for token exchange. We strongly recommend using https://.

    • Enter the Identity Link URL to redirect the users to a third-party account with these Magento integration credentials.

    New integration New Integration

  3. In the left panel, choose API and do the following:

    • Set Resource Access to one of the following:

      • All
      • Custom
    • For custom access, select the checkbox of each resource that is needed.

      Integrations - available API Resources Needed for Custom Access

  4. When complete, click Save.

Change the API guest access security setting

By default, the system does not permit anonymous guest access to CMS, catalog, and other store resources. If you need to change the setting, do the following:

  1. On the Admin sidebar, go to Stores > Settings > Configuration.

  2. In the left panel, expand Services and choose Magento Web API.

  3. Expand Expansion selector the Web API Security Setting section.

    Services configuration - web API security settings Web API Security

  4. Set Allow Anonymous Guest Access to Yes.

  5. When complete, click Save Config.

See Restricting access to anonymous web APIs in the Magento developer documentation.