Publishable API Keys
In this document, you’ll learn about Publishable API Keys and their architecture.
Introduction
While using Medusa’s APIs, you might have to pass some query parameters for certain resources with every or most requests.
Taking Sales Channels as an example, you have to pass the Sales Channel’s ID as a query parameter to all the necessary API Routes, such as the List Products API Route.
This is a tedious and error-prone process. This is where Publishable API Keys are useful.
Publishable API Keys can be used to scope API calls with an API key, determining what resources are retrieved when querying the API. Currently, they can be associated only with Sales Channels.
For example, you can associate an API key with a B2B channel, then, on the storefront, retrieve only products available in that channel using the API key.
PublishableApiKey Entity Overview
The PublishableApiKey
entity represents a publishable API key that is stored in the database. Some of its important attributes include:
id
: The ID of the publishable API key. This is the API key you’ll use in your API requests.created_by
: The ID of the user that created this API key.revoked_by
: The ID of the user that revoked this API key. A revoked publishable API key cannot be used in requests.
Relation to Other Entities
Sales Channels
A publishable API key can be associated with more than one sales channel, and a sales channel can be associated with more than one publishable API key.
The relation is represented by the entity PublishableApiKeySalesChannel
.
Custom Development
Developers can manage Publishable API Keys and use them when making requests to the Store APIs.
Learn how to manage publishable API keys using Admin APIs.
Learn how to use publishable API keys in a storefront.