From b9e7090842b9505e9002328dc96841a5f9e6877d Mon Sep 17 00:00:00 2001 From: Shahed Nasser Date: Thu, 26 Dec 2024 14:26:57 +0200 Subject: [PATCH] docs: fix and improve details on sending authenticated requests with API token (#10744) * docs: fix and improve details on sending authenticated requests with API token * fix security schema --- www/apps/api-reference/markdown/admin.mdx | 39 ++++++++++++++++--- .../markdown/client-libraries.mdx | 2 +- .../specs/admin/openapi.full.yaml | 5 +-- .../api-reference/specs/admin/openapi.yaml | 5 +-- .../specs/store/openapi.full.yaml | 24 ++++++++---- .../specs/store/paths/store_products.yaml | 24 ++++++++---- .../oas-output/base/admin.oas.base.yaml | 5 +-- 7 files changed, 73 insertions(+), 31 deletions(-) diff --git a/www/apps/api-reference/markdown/admin.mdx b/www/apps/api-reference/markdown/admin.mdx index e2eee7359eadd..eb8f3eb6b7dc1 100644 --- a/www/apps/api-reference/markdown/admin.mdx +++ b/www/apps/api-reference/markdown/admin.mdx @@ -133,7 +133,7 @@ Authorization: Bearer {jwt_token} ### 2. API Token -Use a user's API Token to send authenticated requests. +Use a user's secret API Token to send authenticated requests. @@ -145,7 +145,7 @@ Use a user's API Token to send authenticated requests. #### How to Create an API Token for a User -Use the [Create API Key API Route](#api-keys_postapikeys) to create an API token. +Create the API key token either from the Medusa Admin or using the [Create API Key API Route](#api-keys_postapikeys). @@ -180,16 +180,45 @@ curl -X POST 'localhost:9000/admin/api-keys' \ #### How to Use the API Token -Use the API token by passing it in a basic authorization header. +You pass the API Key token as a base64 token in the authorization header. For example, when sending a request in JavaScript: + + + +When using the JS SDK, you only need to specify the API key token in the [configurations](!resources!/js-sdk#js-sdk-configurations). The JS SDK will handle passing the token as expected. + + -```bash title="Use API token" -Authorization: Basic {api_key_token} + + + +```js +fetch(`{backend_url}/admin/products`, { + headers: { + Authorization: `Basic ${window.btoa(`:${api_key_token}`)}`, + }, +}) +``` + + + + +```js +fetch(`{backend_url}/admin/products`, { + headers: { + Authorization: `Basic ${ + Buffer.from(`:${api_key_token}`).toString("base64") + }`, + }, +}) ``` + + + diff --git a/www/apps/api-reference/markdown/client-libraries.mdx b/www/apps/api-reference/markdown/client-libraries.mdx index dae6acb7bbe22..b91086e821ca4 100644 --- a/www/apps/api-reference/markdown/client-libraries.mdx +++ b/www/apps/api-reference/markdown/client-libraries.mdx @@ -16,7 +16,7 @@ To use Medusa's JS SDK library, install the following packages in your project ( npm install @medusajs/js-sdk@latest @medusajs/types@latest ``` -Learn more about the JS SDK in [this documentation](!resources!/js-sdk). +Learn more about the JS SDK and how to configure it in [this documentation](!resources!/js-sdk). ### Download Full Reference diff --git a/www/apps/api-reference/specs/admin/openapi.full.yaml b/www/apps/api-reference/specs/admin/openapi.full.yaml index 96ba4a96838f7..7184767dc5a65 100644 --- a/www/apps/api-reference/specs/admin/openapi.full.yaml +++ b/www/apps/api-reference/specs/admin/openapi.full.yaml @@ -69757,10 +69757,9 @@ components: type: unknown_error securitySchemes: api_token: - type: apiKey + type: http x-displayName: API Token - in: header - name: x-medusa-access-token + scheme: bearer jwt_token: type: http x-displayName: JWT Token diff --git a/www/apps/api-reference/specs/admin/openapi.yaml b/www/apps/api-reference/specs/admin/openapi.yaml index 73158d3e05871..a6e6ce5060d1f 100644 --- a/www/apps/api-reference/specs/admin/openapi.yaml +++ b/www/apps/api-reference/specs/admin/openapi.yaml @@ -1028,10 +1028,9 @@ paths: components: securitySchemes: api_token: - type: apiKey + type: http x-displayName: API Token - in: header - name: x-medusa-access-token + scheme: bearer jwt_token: type: http x-displayName: JWT Token diff --git a/www/apps/api-reference/specs/store/openapi.full.yaml b/www/apps/api-reference/specs/store/openapi.full.yaml index 092ba58c2770c..2575bab09fe97 100644 --- a/www/apps/api-reference/specs/store/openapi.full.yaml +++ b/www/apps/api-reference/specs/store/openapi.full.yaml @@ -5031,14 +5031,6 @@ paths: type: string title: category_id description: A product category's ID. - - name: currency_code - in: query - description: The currency code to retrieve prices in. - required: false - schema: - type: string - title: currency_code - description: The currency code to retrieve prices in. - name: variants in: query description: Filter the products' variants. @@ -5063,6 +5055,22 @@ paths: type: string title: value description: Filter by a value of the option. + - name: country_code + in: query + description: The product's country code. + required: false + schema: + type: string + title: country_code + description: The product's country code. + - name: cart_id + in: query + description: The product's cart id. + required: false + schema: + type: string + title: cart_id + description: The product's cart id. x-codeSamples: - lang: Shell label: cURL diff --git a/www/apps/api-reference/specs/store/paths/store_products.yaml b/www/apps/api-reference/specs/store/paths/store_products.yaml index 57f8d3a80c62f..54cbe6aaaa392 100644 --- a/www/apps/api-reference/specs/store/paths/store_products.yaml +++ b/www/apps/api-reference/specs/store/paths/store_products.yaml @@ -789,14 +789,6 @@ get: type: string title: category_id description: A product category's ID. - - name: currency_code - in: query - description: The currency code to retrieve prices in. - required: false - schema: - type: string - title: currency_code - description: The currency code to retrieve prices in. - name: variants in: query description: Filter the products' variants. @@ -821,6 +813,22 @@ get: type: string title: value description: Filter by a value of the option. + - name: country_code + in: query + description: The product's country code. + required: false + schema: + type: string + title: country_code + description: The product's country code. + - name: cart_id + in: query + description: The product's cart id. + required: false + schema: + type: string + title: cart_id + description: The product's cart id. x-codeSamples: - lang: Shell label: cURL diff --git a/www/utils/generated/oas-output/base/admin.oas.base.yaml b/www/utils/generated/oas-output/base/admin.oas.base.yaml index 9185a52abc92c..84724e8e30ccf 100644 --- a/www/utils/generated/oas-output/base/admin.oas.base.yaml +++ b/www/utils/generated/oas-output/base/admin.oas.base.yaml @@ -735,10 +735,9 @@ components: type: unknown_error securitySchemes: api_token: - type: apiKey + type: http x-displayName: API Token - in: header - name: x-medusa-access-token + scheme: bearer jwt_token: type: http x-displayName: JWT Token