Authentication

Learn how to authenticate with the Storrik Customers API

The Customer API uses passwordless authentication for customers.

All requests must include a valid Publishable Key (PK), and customer-authenticated endpoints additionally require a customer session token.

Detailed request and response schemas are documented in the API Reference section.


Store authentication (PK key)

Every Customer API request must include a Publishable Key in the Authorization header.

The PK key:

  • Identifies the store
  • Automatically scopes all requests to that store
  • Replaces the need for a manual store identifier

Example:

Authorization: pk_live_123

If the PK key is missing or invalid, the request will be rejected.

For details on PK keys, permissions, and generation, see Authentication - Reference.


Customer login flow

Customer authentication is handled via a passwordless email verification flow.

Step 1. Start login

The customer submits their email address to initiate login.

An email containing a one-time verification code is sent to the customer.

POST /customer/login

See the full request details in Customer Login – Reference.

Step 2. Verify login code

The customer submits the verification code to complete authentication.

POST /customer/login/verify

If the code is valid:

  • A customer session token is issued

Verification codes are single-use and expire automatically.

Full request and response schemas are available in the API Reference.
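
The two-step login flow above, written as a JavaScript client. This is an added example, not Storrik's own code: the base URL, the JSON body fields `email` and `code`, the `token` response field, and the `pk_` prefix check (taken from the `pk_live_123` sample) are assumptions, because the real schemas live in the API Reference.

```javascript
// Added example, not Storrik's code. Assumed, not stated on this page:
// BASE_URL, body fields `email` / `code`, response field `token`.
const BASE_URL = "https://api.example.invalid"; // placeholder host

// Every Customer API request carries the Publishable Key in Authorization.
// The pk_ prefix check is an assumption based on the page's sample key.
function buildRequest(publishableKey, path, body) {
  if (typeof publishableKey !== "string" || !publishableKey.startsWith("pk_")) {
    throw new Error("Publishable Key missing or not a pk_ key");
  }
  return {
    url: BASE_URL + path,
    init: {
      method: "POST",
      headers: { Authorization: publishableKey, "Content-Type": "application/json" },
      body: JSON.stringify(body),
    },
  };
}

// Send one request and fail loudly if the API rejects it (e.g. invalid PK).
async function post(fetchImpl, publishableKey, path, body) {
  const { url, init } = buildRequest(publishableKey, path, body);
  const res = await fetchImpl(url, init);
  if (!res.ok) throw new Error(`${path} rejected with HTTP ${res.status}`);
  return res.json();
}

// Step 1: ask the API to email a one-time verification code.
function startLogin(pk, email, fetchImpl = fetch) {
  return post(fetchImpl, pk, "/customer/login", { email });
}

// Step 2: exchange the emailed code for a customer session token.
// Codes are single-use and expire, so the code is never cached or reused.
async function verifyLogin(pk, email, code, fetchImpl = fetch) {
  const data = await post(fetchImpl, pk, "/customer/login/verify", { email, code });
  if (typeof data.token !== "string" || data.token === "") {
    throw new Error("verification succeeded but no session token was returned");
  }
  return data.token; // hold in memory; do not log it
}
```
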