Publishable API Key

Publishable API Keys allow you to send a request with a pre-defined scope. You can associate the publishable API key with one or more resources, such as sales channels, then include the publishable
API key in the header of your requests.

The Medusa backend will infer the scope of the current request based on the publishable API key. At the moment, publishable API keys only work with sales channels.

It's highly recommended to create a publishable API key and pass it in the header of all your requests to the store APIs.

You can learn more about publishable API keys and how to use them in this documentation.

How to Create a Publishable API Key

You can create a publishable API key either using the admin REST APIs,
or using the Medusa admin.

How to Use a Publishable API Key

You can pass the publishable API key in the header x-publishable-api-key in all your requests to the store APIs:

x-publishable-api-key: {your_publishable_api_key}

If you're using Medusa's JS or Medusa React clients, you can pass the publishable API key when you first initialize either clients. Then, the publishable API key will be automatically included in all your requests:

Medusa JS Client:

const medusa = new Medusa({
  maxRetries: 3,
  baseUrl: "https://api.example.com",
  publishableApiKey,
})

Medusa React:

import { MedusaProvider } from "medusa-react"

// define query client...

const App = () => {
  return (
    <MedusaProvider
      queryClientProviderProps={{ client: queryClient }}
      baseUrl="http://localhost:9000"
      // ...
      publishableApiKey={publishableApiKey}
    >
      <MyStorefront />
    </MedusaProvider>
  )
}