Authentication
Authenticate SellApp API requests with your API key.
You'll need to authenticate your requests to access any of the endpoints in the SellApp API. SellApp currently offers one way to authenticate API requests: using a secret API key.
Authentication with a secret API key
Authenticating with the SellApp API is done by passing your secret API key in the request headers.
curl --request GET \
--url 'https://sell.app/api/v1/invoices' \
--header 'Authorization: Bearer {ApiKeyHere}' \
--header 'Content-Type: application/json'
Creating and managing a secret API key
If you do not already have a secret API key, you can generate one in your store developers settings. Always keep your API key safe and rotate it if you suspect it has been compromised.
API keys are tied to an account, not a storefront. While you can toggle API permissions on or off while creating an API key, access to resources still depends on what permissions your account has on the storefront you are interacting with.
As the owner of a storefront, you will always have full access to all API endpoints, provided the relevant permissions were enabled when the key was created.
If your account is part of a storefront as support staff, you can only access resources that your account has been given permission to manage. For example, a support staff account limited to tickets cannot modify products or create groups through the API.
Multiple stores
If your account belongs to multiple storefronts, you can pass an X-STORE
header to specify which store you want to access. If you do not own any stores
or do not pass the header, the API defaults to the first store you own or
have joined.
If you want to access bob.sell.app, you would pass the slug bob via the
X-STORE header:
curl --request GET \
--url 'https://sell.app/api/v1/invoices' \
--header 'Authorization: Bearer {ApiKeyHere}' \
--header 'X-STORE: bob' \
--header 'Content-Type: application/json'
Using an SDK
If you use an SDK, you do not need to manage most of the request setup yourself. Fetch your API key from your developers settings, then let the client library handle the authentication headers and request plumbing for you.
For currently known packages and integrations, see SDKs & Extensions.
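If you build requests yourself instead of using an SDK, the sketch below (an added example, not SellApp or SDK code) assembles the Authorization and X-STORE headers described above while keeping the key out of source code and logs. The environment variable name, the slug pattern, the function names, and the choice to require an explicit store rather than rely on the default-store fallback are assumptions of this example.

```python
import os
import re
import urllib.request

API_BASE = "https://sell.app/api/v1"       # base URL from the curl examples above
KEY_ENV = "SELLAPP_API_KEY"                # assumed variable name, not defined by SellApp
SLUG_RE = re.compile(r"[A-Za-z0-9-]{1,63}")  # assumed slug format (subdomain-like label)
PATH_RE = re.compile(r"/[A-Za-z0-9/_-]*")


def build_request(path, store, method="GET", env=os.environ):
    """Return an unsent urllib Request carrying the auth and store headers."""
    key = env.get(KEY_ENV, "").strip()
    if not key:
        raise RuntimeError(f"{KEY_ENV} is not set; refusing to build the request")
    # Require an explicit slug so a multi-store account never falls back to
    # the default store, and reject CR/LF or spaces that could inject headers.
    if not SLUG_RE.fullmatch(store or ""):
        raise ValueError("store slug must be given explicitly and look like 'bob'")
    if not PATH_RE.fullmatch(path):
        raise ValueError("path must be a plain API path such as '/invoices'")
    return urllib.request.Request(
        API_BASE + path,
        method=method,
        headers={
            "Authorization": f"Bearer {key}",
            "X-STORE": store,
            "Content-Type": "application/json",
        },
    )


def loggable_headers(req):
    """Copy of the request headers that is safe to write to logs."""
    # urllib stores header names capitalised ("X-store"); HTTP header names
    # are case-insensitive, so compare in lower case.
    return {
        name: "Bearer ***redacted***" if name.lower() == "authorization" else value
        for name, value in req.header_items()
    }


if __name__ == "__main__":
    demo_env = {KEY_ENV: "constructed-demo-key"}  # constructed value, not a real key
    req = build_request("/invoices", store="bob", env=demo_env)
    print(req.get_method(), req.full_url, loggable_headers(req))
```

Pass the returned object to `urllib.request.urlopen` to send it; log only the output of `loggable_headers`, never the request's raw headers.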