Authentication
API Keys
API access is available on the Scale plan. Generate an API key in the app dashboard under Settings → API Keys.
Include your API key in the Authorization header:
Authorization: Bearer your-api-key-hereShopify Session Tokens
For requests from the embedded admin app, authentication uses Shopify session tokens (JWT). The app automatically handles this — no manual setup is required.
Rate Limits
| Plan | Rate Limit |
|---|---|
| Starter | Not available |
| Growth | Not available |
| Pro | Not available |
| Scale | 100 requests/second |
Exceeding the rate limit returns a 429 Too Many Requests response with a Retry-After header.
Error Responses
All API errors follow a consistent format:
{ "error": "Unauthorized", "message": "Invalid or expired API key", "statusCode": 401}| Status Code | Meaning |
|---|---|
| 401 | Invalid or missing API key |
| 403 | Plan does not include API access |
| 429 | Rate limit exceeded |
| 500 | Internal server error |