API Keys & Authentication
Learn how to generate API keys and authenticate with the Wemarka REST API.
Getting an API Key
- Sign in to the Developer Portal.
- Navigate to API Keys.
- Click Create API Key.
- Choose an environment:
- Test — For development and testing. Keys start with
wk_test_. - Live — For production use. Keys start with
wk_live_.
- Test — For development and testing. Keys start with
- Select the scopes your key needs (e.g.,
catalog:read,orders:write). - Copy your key immediately — it will only be shown once.
Authentication
Include your API key in the Authorization header of every request:
Authorization: Bearer wk_live_your_key_here
Key Scopes
| Scope | Description |
|-------|-------------|
| catalog:read | Browse stores, products, and categories. |
| orders:write | Place orders on behalf of customers. |
Security Best Practices
- Never expose keys in client-side code. Use server-side calls only.
- Rotate keys regularly. Revoke old keys from the Developer Portal.
- Use test keys for development. Only use live keys in production.
- Limit scopes. Only grant the permissions your integration needs.
Next Steps
- Read the API Documentation for endpoint reference.
- Set up Webhooks for real-time event notifications.