API Keys Module


Easily manage store and admin accesses

Manage your API keys to authenticate and authorize accesses across your admin and store.


One place to manage all API keys

Create, modify, roll, and revoke publishable and secret API keys directly in your Medusa Admin.

Publishable and secret API keys

new feature

Create publishable API keys accessible on client side or generate secret API keys to store in your server-side code.

altText of the image

Manage all keys in one place

Create, edit, roll, or revoke API keys directly in the Medusa Admin, where you can view the status of all existing API keys.

altText of the image

Verify authentication claims

Use along with the Authentication Module to verify authentication claims for a given API Key.

altText of the image

API key engine for user authentication

Manage all of your store and admin API keys through Medusa.

Manage your API keys

  • Create, modify, revoke, and roll API keys in your admin

  • Choose between secret and publishable API keys

  • Verify authentication claims for an API key

  • View statuses of all API keys in the admin

  • Connect sales channel access to your API keys

    Connect and customize

    • Use to manage auth with the Authentication Module

    • Ships as a standalone npm package

    • Extend with your own custom data models

    • Use standalone with your own systems

    • Works with all Medusa modules

    • Use Workflows to connect with third-party systems


      Get Started

      Copy the command and get started with Medusa in 3 mins.