Authorization
Last updated
Was this helpful?
Last updated
Was this helpful?
Merchant accounts have the following permissions:
Name
Description
Relevance
home
Access to dashboard home section
Dashboard only
orders
Access to order information, including payments and shipments
Dashboard and API
reports
Access to order summary analytics
Dashboard and API
products
Access to product catalog
Dashboard and API
customers
Access to shopper information
Dashboard and API
appearance
Access to store front content and design customization features
Dashboard only
settings
Access to store configuration settings
Dashboard and API
The various store management functions exposed in are protected with the same permission model. For example, attempting to access an order endpoint using an API key for a user lacking the orders permission will return a 403 Forbidden response.
At the moment, merchant account permissions can be modified in the "Staff Accounts" subsection (under the dashboard's "Settings" section).
Every store has an owner account. Owner accounts always have full permissions.
Permission information can be queried programmatically by calling the endpoint.
If an account is on an expired trial, a subscription has to be purchased to use most of the API endpoints. Attempting to make API calls to a account whose trial has ended (and without a subscription) will return a 402 Payment Required response.