Authentication

Most endpoints are public and do not require authentication.

The /current_user/ endpoint requires an authenticated session cookie. Pass it via the X-Cookie header when using Swagger UI.

Use Cookie header while testing in postman or other tools.

Some commerce applications may support 'sesionid' instead of 'osessionid'.