asyavee/medusa-store
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

docs: added publishable API keys documentation pages (#2972)

Browse Source 
* docs: added publishable api keys docs

* Update docs/content/advanced/admin/manage-publishable-api-keys.mdx

Co-authored-by: Frane Polić <16856471+fPolic@users.noreply.github.com>

* Update publishable-api-keys.mdx

* Update docs/content/advanced/storefront/use-sales-channels.mdx

Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>

* added note in admin how-to guide

* added note in conceptual guide

* Update docs/content/advanced/backend/publishable-api-keys/index.md

Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>

* small fixes

Co-authored-by: Frane Polić <16856471+fPolic@users.noreply.github.com>
Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com>
This commit is contained in:
Shahed Nasser
2023-01-11 17:36:51 +02:00
committed by GitHub
parent c94ce03aa2
commit 4156e280ab
16 changed files with 826 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/content/advanced/admin/manage-customers.mdx
View File

@@ -122,6 +122,9 @@ medusa.admin.customers.create({
fetch(`<SERVER_URL>/admin/customers`, {
method: "POST",
credentials: "include",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
email,
password,
@@ -191,6 +194,9 @@ medusa.admin.customers.update(customerId, {
fetch(`<SERVER_URL>/admin/customers/${customerId}`, {
method: "POST",
credentials: "include",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
first_name,
}),

531
docs/content/advanced/admin/manage-publishable-api-keys.mdx Normal file
View File

@@ -0,0 +1,531 @@
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
# Manage Publishable API Keys
In this document, youll learn how to manage the publishable API keys using the admin APIs.
## Overview
Publishable API keys allow you to associate a set of resources with an API key. You can then pass that API key in storefront requests to guarantee that processed or returned data is within the scope you defined when creating the API key.
Currently, publishable API keys can only be associated with sales channels.
Using the Admin APIs, you can manage your Publishable API Keys.
:::note
Publishable API keys are only for client-side use. They can be publicly accessible in your code, as they are not authorized for the Admin API.
:::
### Scenario
You want to use or implement the following admin functionalities:
- Manage publishable keys including listing, creating, updating, and deleting them.
- Manage sales channels associated with a publishable API key including listing, adding, and deleting them from the publishable API key.
---
## Prerequisites
### Medusa Components
It is assumed that you already have a Medusa server installed and set up. If not, you can follow the [quickstart guide](../../quickstart/quick-start.mdx) to get started.
### JS Client
This guide includes code snippets to send requests to your Medusa server using Medusas JS Client, JavaScripts Fetch API, or cURL.
If you follow the JS Client code blocks, its assumed you already have [Medusas JS Client](../../js-client/overview.md) installed and have [created an instance of the client](../../js-client/overview.md#configuration).
### Authenticated Admin User
You must be an authenticated admin user before following along with the steps in the tutorial.
You can learn more about [authenticating as an admin user in the API reference](/api/admin/#section/Authentication).
---
## List Publishable API Keys
You can retrieve a list of publishable API keys by sending a request to the [List Publishable API Keys](/api/admin/#tag/PublishableApiKey/operation/GetPublishableApiKeys) endpoint:
<Tabs groupId="request-type" wrapperClassName="code-tabs">
<TabItem value="client" label="Medusa JS Client" default>
```ts
medusa.admin.publishableApiKeys.list()
.then(({ publishable_api_keys, count, limit, offset }) => {
console.log(publishable_api_keys)
})
```
</TabItem>
<TabItem value="fetch" label="Fetch API">
```ts
fetch(`<SERVER_URL>/admin/publishable-api-keys`, {
credentials: "include",
})
.then((response) => response.json())
.then(({ publishable_api_keys, count, limit, offset }) => {
console.log(publishable_api_keys)
})
```
</TabItem>
<TabItem value="curl" label="cURL">
```bash
curl -L -X GET '<SERVER_URL>/admin/publishable-api-keys' \
-H 'Authorization: Bearer <API_TOKEN>'
```
</TabItem>
</Tabs>
This request does not require any path parameters. You can pass it optional query parameters related to expanding fields and pagination, which you can check out in the [API reference](/api/admin/#tag/PublishableApiKey/operation/GetPublishableApiKeys).
This request returns the following data in the response:
- `publishable_api_keys`: An array of publishable API keys.
- `limit`: The maximum number of keys that can be returned.
- `offset`: The number of keys skipped in the result.
- `count`: The total number of keys available.
:::note
You can learn more about pagination in the [API reference](/api/admin/#section/Pagination).
:::
---
## Create a Publishable API Key
You can create a publishable API key by sending a request to the [Create Publishable API Key](/api/admin/#tag/PublishableApiKey/operation/PostPublishableApiKeys) endpoint:
<Tabs groupId="request-type" wrapperClassName="code-tabs">
<TabItem value="client" label="Medusa JS Client" default>
```ts
medusa.admin.publishableApiKeys.create({
title: "Web API Key",
})
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="fetch" label="Fetch API">
```ts
fetch(`<SERVER_URL>/admin/publishable-api-keys`, {
method: "POST",
credentials: "include",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
title: "Web API Key",
}),
})
.then((response) => response.json())
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="curl" label="cURL">
```bash
curl -L -X POST '<SERVER_URL>/admin/publishable-api-keys' \
-H 'Authorization: Bearer <API_TOKEN>' \
-H 'Content-Type: application/json' \
--data-raw '{
"title": "Web API Key"
}'
```
</TabItem>
</Tabs>
This request requires a body parameter `title`, which is the title of the Publishable API Key.
It returns the created publishable API key in the response.
---
## Update a Publishable API Key
You can update a publishable API keys details by sending a request to the [Update Publishable API Key](/api/admin/#tag/PublishableApiKey/operation/PostPublishableApiKysPublishableApiKey) endpoint:
<Tabs groupId="request-type" wrapperClassName="code-tabs">
<TabItem value="client" label="Medusa JS Client" default>
```ts
medusa.admin.publishableApiKeys.update(publishableApiKeyId, {
title: "Web API Key",
})
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="fetch" label="Fetch API">
```ts
fetch(`<SERVER_URL>/admin/publishable-api-keys/${publishableApiKeyId}`, {
method: "POST",
credentials: "include",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
title: "Web API Key",
}),
})
.then((response) => response.json())
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="curl" label="cURL">
```bash
curl -L -X POST '<SERVER_URL>/admin/publishable-api-keys/<PUBLISHABLE_API_KEY>' \
-H 'Authorization: Bearer <API_TOKEN>' \
-H 'Content-Type: application/json' \
--data-raw '{
"title": "Web API Key"
}'
```
</TabItem>
</Tabs>
This request requires the ID of the publishable API key as a path parameter. In its body, it optionally accepts the new `title` of the publishable API key.
This request returns the update publishable API key object in the response.
---
## Revoke a Publishable API Key
Revoking a publishable API key does not remove it, but does not allow using it in future requests.
You can revoke a publishable API key by sending a request to the [Revoke Publishable API Key](/api/admin/#tag/PublishableApiKey/operation/PostPublishableApiKeysPublishableApiKeyRevoke) endpoint:
<Tabs groupId="request-type" wrapperClassName="code-tabs">
<TabItem value="client" label="Medusa JS Client" default>
```ts
medusa.admin.publishableApiKeys.revoke(publishableApiKeyId)
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="fetch" label="Fetch API">
```ts
fetch(
`<SERVER_URL>/admin/publishable-api-keys/${publishableApiKeyId}/revoke`,
{
method: "POST",
credentials: "include",
}
)
.then((response) => response.json())
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="curl" label="cURL">
```bash
curl -L -X POST '<SERVER_URL>/admin/publishable-api-keys/<PUBLISHABLE_API_KEY>/revoke' \
-H 'Authorization: Bearer <API_TOKEN>'
```
</TabItem>
</Tabs>
This request requires the ID of the publishable API key as a path parameter. It returns the updated publishable API key in the response.
---
## Delete a Publishable API Key
You can delete a publishable API key by sending a request to the [Delete Publishable API Key](/api/admin/#tag/PublishableApiKey/operation/DeletePublishableApiKeysPublishableApiKey) endpoint:
<Tabs groupId="request-type" wrapperClassName="code-tabs">
<TabItem value="client" label="Medusa JS Client" default>
```ts
medusa.admin.publishableApiKeys.delete(publishableApiKeyId)
.then(({ id, object, deleted }) => {
console.log(id)
})
```
</TabItem>
<TabItem value="fetch" label="Fetch API">
```ts
fetch(`<SERVER_URL>/admin/publishable-api-keys/${publishableApiKeyId}`, {
method: "DELETE",
credentials: "include",
})
.then((response) => response.json())
.then(({ id, object, deleted }) => {
console.log(id)
})
```
</TabItem>
<TabItem value="curl" label="cURL">
```bash
curl -L -X DELETE '<SERVER_URL>/admin/publishable-api-keys/<PUBLISHABLE_API_KEY>' \
-H 'Authorization: Bearer <API_TOKEN>'
```
</TabItem>
</Tabs>
This request requires the ID of the publishable API key as a path parameter.
It returns the following data in the response:
- `id`: The ID of the deleted publishable API key.
- `object`: A string indicating the type of object deleted. By default, its value is `publishable_api_key`.
- `deleted`: A boolean value indicating whether the publishable API key was deleted or not.
---
## Manage Sales Channels of Publishable API Keys
This section covers how to manage sales channels in a publishable API key. This doesnt affect sales channels and their data, only its association with the publishable API key.
### List Sales Channels of a Publishable API Key
You can retrieve the list of sales channels associated with a publishable API key by sending a request to the [List Sales Channels](/api/admin/#tag/PublishableApiKey/operation/GetPublishableApiKeySalesChannels) endpoint:
<Tabs groupId="request-type" wrapperClassName="code-tabs">
<TabItem value="client" label="Medusa JS Client" default>
```ts
medusa.admin.publishableApiKeys.listSalesChannels(publishableApiKeyId)
.then(({ sales_channels }) => {
console.log(sales_channels)
})
```
</TabItem>
<TabItem value="fetch" label="Fetch API">
<!-- eslint-disable max-len -->
```ts
fetch(
`<SERVER_URL>/admin/publishable-api-keys/${publishableApiKeyId}/sales-channels`,
{
credentials: "include",
}
)
.then((response) => response.json())
.then(({ sales_channels }) => {
console.log(sales_channels)
})
```
</TabItem>
<TabItem value="curl" label="cURL">
```bash
curl -L -X GET '<SERVER_URL>/admin/publishable-api-keys/<PUBLISHABLE_API_KEY>/sales-channels' \
-H 'Authorization: Bearer <API_TOKEN>'
```
</TabItem>
</Tabs>
This request requires the ID of the publishable API key as a path parameter.
It returns an array of sales channels associated with the publishable API key in the response.
### Add Sales Channels to Publishable API Key
You can add a sales channel to a publishable API key by sending a request to the [Add Sales Channels](/api/admin/#tag/PublishableApiKey/operation/PostPublishableApiKeySalesChannelsChannelsBatch) endpoint:
<Tabs groupId="request-type" wrapperClassName="code-tabs">
<TabItem value="client" label="Medusa JS Client" default>
```ts
medusa.admin.publishableApiKeys.addSalesChannelsBatch(
publishableApiKeyId,
{
sales_channel_ids: [
{
id: salesChannelId,
},
],
}
)
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="fetch" label="Fetch API">
<!-- eslint-disable max-len -->
```ts
fetch(
`<SERVER_URL>/admin/publishable-api-keys/${publishableApiKeyId}/sales-channels/batch`,
{
method: "POST",
credentials: "include",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
sales_channel_ids: [
{
id: salesChannelId,
},
],
}),
}
)
.then((response) => response.json())
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="curl" label="cURL">
```bash
curl -L -X POST '<SERVER_URL>/admin/publishable-api-keys/<PUBLISHABLE_API_KEY>/sales-channels/batch' \
-H 'Authorization: Bearer <API_TOKEN>' \
-H 'Content-Type: application/json' \
--data-raw '{
"sales_channel_ids": [
{
"id": "<SALES_CHANNEL_ID>"
}
]
}'
```
</TabItem>
</Tabs>
This request requires passing the ID of the publishable API key as a path parameter.
In its body parameters, its required to pass the `sales_channel_ids` array parameter. Each item in the array is an object containing an `id` property, with its value being the ID of the sales channel to add to the publishable API key.
You can add more than one sales channel in the same request by passing each of them as an object in the array.
This request returns the updated publishable API key in the response.
### Delete Sales Channels from a Publishable API Key
You can delete a sales channel from a publishable API key by sending a request to the [Delete Sales Channels](/api/admin/#tag/PublishableApiKey/operation/DeletePublishableApiKeySalesChannelsChannelsBatch) endpoint:
<Tabs groupId="request-type" wrapperClassName="code-tabs">
<TabItem value="client" label="Medusa JS Client" default>
```ts
medusa.admin.publishableApiKeys.deleteSalesChannelsBatch(
publishableApiKeyId,
{
sales_channel_ids: [
{
id: salesChannelId,
},
],
}
)
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="fetch" label="Fetch API">
<!-- eslint-disable max-len -->
```ts
fetch(
`<SERVER_URL>/admin/publishable-api-keys/${publishableApiKeyId}/sales-channels/batch`,
{
method: "DELETE",
credentials: "include",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
sales_channel_ids: [
{
id: salesChannelId,
},
],
}),
}
)
.then((response) => response.json())
.then(({ publishable_api_key }) => {
console.log(publishable_api_key.id)
})
```
</TabItem>
<TabItem value="curl" label="cURL">
```bash
curl -L -X DELETE '<SERVER_URL>/admin/publishable-api-keys/<PUBLISHABLE_API_KEY>/sales-channels/batch' \
-H 'Authorization: Bearer <API_TOKEN>' \
-H 'Content-Type: application/json' \
--data-raw '{
"sales_channel_ids": [
{
"id": "<SALES_CHANNEL_ID>"
}
]
}'
```
</TabItem>
</Tabs>
This request requires the ID of the publishable API key as a path parameter.
In its body parameters, its required to pass the `sales_channel_ids` array parameter. Each item in the array is an object containing an `id` property, with its value being the ID of the sales channel to delete from the publishable API key.
You can delete more than one sales channel in the same request by passing each of them as an object in the array.
This request returns the updated publishable API key in the response.
---
## See Also
- [Publishable API key overview](../backend/publishable-api-keys/index.md)
- [Publishable API key admin API reference](/api/admin/#tag/PublishableApiKey)

111
docs/content/advanced/backend/publishable-api-keys/index.md Normal file
View File

@@ -0,0 +1,111 @@
# Publishable API Keys Overview
In this document, youll learn about Publishable API Keys and their usage.
## Introduction
While using Medusas APIs, you might have to pass some query parameters for certain resources with every or most requests.
Taking Sales Channels as an example, you have to pass the Sales Channels ID as a query parameter to all the necessary endpoints, such as the List Products endpoint.
This is a tedious and error-prone process. This is where Publishable API Keys are useful.
Publishable API Keys can be used to scope API calls with an API key, determining what resources are retrieved when querying the API. Currently, they can be associated only with Sales Channels.
For example, you can associate an API key with a B2B channel, then, on the storefront, retrieve only products available in that channel using the API key.
---
## PublishableApiKey Entity Overview
The `PublishableApiKey` entity represents a publishable API key that is stored in the database. Some of its important attributes include:
- `id`: The ID of the publishable API key. This is the API key youll use in your API requests.
- `created_by`: The ID of the user that created this API key.
- `revoked_by`: The ID of the user that revoked this API key. A revoked publishable API key cannot be used in requests.
---
## Relation to Other Entities
### Sales Channels
A publishable API key can be associated with more than one sales channel, and a sales channel can be associated with more than one publishable API key.
The relation is represented by the entity `PublishableApiKeySalesChannel`.
---
## Using Publishable API Keys in Requests
:::note
Publishable API keys are only for client-side use. They can be publicly accessible in your code, as they are not authorized for the Admin API.
:::
### Using Medusa JS Client
When using [Medusas JS Client](../../../js-client/overview.md), you can pass it to the client only once when you create the instance of the client:
```ts
const medusa = new Medusa({
maxRetries: 3,
baseUrl: "https://api.example.com",
publishableApiKey,
})
```
This will add the API key as in the header parameter `x-publishable-api-key` on all requests.
You can also use the `setPublishableKey` method to set it at a later point:
```ts
const medusa = new Medusa({
// ...
})
// at a later point
medusa.setPublishableKey(publishableApiKey)
```
### Using Medusa React
You can pass the publishable API key to the `MedusaProvider` component:
```tsx
const App = () => {
return (
<MedusaProvider
queryClientProviderProps={{ client: queryClient }}
baseUrl="http://localhost:9000"
// ...
publishableApiKey={publishableApiKey}
>
<MyStorefront />
</MedusaProvider>
)
}
```
Then, the API key will be passed in the header parameter `x-publishable-api-key` of every request.
### Using Other Methods
For other ways of sending requests to your Medusa server, such as using the Fetch API, you must pass `x-publishable-api-key` in the header of every request. Its value is the publishable API keys `id`.
```ts
fetch(`<SERVER_URL>/store/products`, {
credentials: "include",
headers: {
"x-publishable-api-key": publishableApiKey,
},
})
```
---
## See Also
- [How to manage publishable keys as an admin](../../admin/manage-publishable-api-keys.mdx)
- [Publishable API keys admin API reference](/api/admin/#tag/PublishableApiKey)

9
docs/content/advanced/storefront/use-sales-channels.mdx
View File

@@ -11,6 +11,15 @@ In your storefront, you can filter products by sales channels. You can also asso
This guide explains how to perform these operations using the Storefront APIs.
### Alternative Approach: Publishable API keys
This guide covers how to pass the sales channel ID into different requests to retrieve or process data associated with the sales channel.
An alternative approach is to use Publishable API keys. You can learn how to use them in the following documents:
- [Using publishable API keys in requests](../backend/publishable-api-keys/index.md)
- Managing publishable API keys using [admin APIs](../admin/manage-publishable-api-keys.mdx) or using [Medusa Admin](../../user-guide/settings/publishable-api-keys.mdx)
---
## Prerequisites

11
docs/content/js-client/overview.md
View File

@@ -80,8 +80,9 @@ const medusa = new Medusa({
})
```
| Option | Default | Description |
| ------------ | ------------------------- | --------------------------------------------------------- |
| `maxRetries` | `0` | The amount of times a request is retried. |
| `baseUrl` | `'http://localhost:9000'` | The url to which requests are made to. |
| `apiKey` | `''` | Optional api key used for authenticating admin requests . |
| Option | Default | Description |
| ------------------- | ------------------------- | --------------------------------------------------------- |
| `maxRetries` | `0` | The amount of times a request is retried. |
| `baseUrl` | `'http://localhost:9000'` | The url to which requests are made to. |
| `apiKey` | `''` | Optional api key used for authenticating admin requests . |
| `publishableApiKey` | `''` | Optional publishable API key used for storefront requests.|

116
docs/content/user-guide/settings/publishable-api-keys.mdx Normal file
View File

@@ -0,0 +1,116 @@
---
sidebar_position: 4
---
import UiIcon from '@site/src/components/UiIcon';
# Manage Publishable API Keys
In this document, youll learn how to manage publishable API keys in Medusa Admin.
## Overview
Publishable API keys are used by developers or technical teams. They are used to define the resources that an API key is associated with and can access.
Then, this publishable API key is used in storefront development to retrieve or process data based on the scope of the publishable API key.
Currently, publishable API keys can only be used with sales channels.
---
## Create Publishable API Key
To create a publishable API key:
1. Go to Settings → API key management.
2. Click on the “Create API key” button at the top right.
3. In the new form that opens:
1. Enter a name for the API key in the Title field.
2. You can optionally add sales channels. To do that:
1. Click on the “Add sales channels” button.
2. Click on the checkbox next to the sales channels you want to add.
3. Click on the “Save and close” button.
4. Once youre done, click on the “Publish API key” button.
---
## Copy Token of API Key
To copy the token of an API key:
1. Go to Settings → API key management.
2. Click on the <UiIcon lightIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999308/Medusa%20Docs/UI%20Icons/1ordBC6_ssysel.png" darkIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999326/Medusa%20Docs/UI%20Icons/dSwWYBH_stzgoi.png" alt="three dots" /> icon next to the API key you want to copy.
3. Click on “Copy token” from the dropdown.
---
## Edit API Key Details
To edit the details of an API key:
1. Go to Settings → API key management.
2. Click on the <UiIcon lightIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999308/Medusa%20Docs/UI%20Icons/1ordBC6_ssysel.png" darkIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999326/Medusa%20Docs/UI%20Icons/dSwWYBH_stzgoi.png" alt="three dots" /> icon next to the API key you want to edit.
3. Click on “Edit API key details” from the dropdown.
4. Change the title of the API Key in the side window that opens.
5. Click on the “Save and close” button.
---
## Manage Sales Channels of a Publishable API Key
:::info
Making any changes in the sales channels here does not affect the sales channel itself or any of its data. This only impacts the relation between sales channels and publishable API keys.
:::
You can add or delete sales channels from a publishable API key. Adding a sales channel makes it accessible using the publishable API key. Removing a sales channel from a publishable API key removes the API keys access to the sales channel.
To manage sales channels of a publishable API key:
1. Go to Settings → API key management.
2. Click on the <UiIcon lightIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999308/Medusa%20Docs/UI%20Icons/1ordBC6_ssysel.png" darkIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999326/Medusa%20Docs/UI%20Icons/dSwWYBH_stzgoi.png" alt="three dots" /> icon next to the API key you want to manage its sales channels.
3. Click on “Edit sales channels” from the dropdown.
4. In the side window that opens:
1. To add a sales channel to the publishable API key:
1. Click on the “Add channels” button.
2. Click on the checkbox next to the sales channels you want to add.
3. Once done, click on the “Add and go back” button to add the sales channels and continue editing, or click on the “Add and close” to add the sales channels and close the side menu.
2. To delete a sales channel from the publishable API key:
1. Click on the checkbox next to the sales channels you want to delete.
2. Click on the “Remove” button.
5. Once youre done editing, click on the Close button.
---
## Revoke Publishable API Key
:::warning
Revoking a publishable API key does not remove it, but the API key cant be used in development anymore. It can't be undone.
:::
To revoke a publishable API key:
1. Go to Settings → API key management.
2. Click on the <UiIcon lightIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999308/Medusa%20Docs/UI%20Icons/1ordBC6_ssysel.png" darkIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999326/Medusa%20Docs/UI%20Icons/dSwWYBH_stzgoi.png" alt="three dots" /> icon next to the API key you want to revoke.
3. Click on “Revoke token” from the dropdown.
4. Confirm revoking the publishable API key by clicking the “Yes, revoke” button in the pop-up.
---
## Delete Publishable API Key
:::warning
Deleting a publishable API key completely removes it and the API key cant be used in development anymore. It can't be undone.
:::
To delete a publishable API key:
1. Go to Settings → API key management.
2. Click on the <UiIcon lightIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999308/Medusa%20Docs/UI%20Icons/1ordBC6_ssysel.png" darkIcon="https://res.cloudinary.com/dza7lstvk/image/upload/v1667999326/Medusa%20Docs/UI%20Icons/dSwWYBH_stzgoi.png" alt="three dots" /> icon next to the API key you want to delete.
3. Click on “Delete API key” from the dropdown.
4. Confirm deleting the publishable API key by clicking the “Yes, delete” button in the pop-up.