docs/developer/sdk/authentication.mdx
import SdkClientSetup from '/snippets/store-api/sdk-client-setup.mdx' import AuthJwtExample from '/snippets/store-api/auth-jwt-example.mdx' import AuthGuestCart from '/snippets/store-api/auth-guest-cart.mdx'
The SDK supports multiple authentication modes depending on your use case. For a full overview of the API authentication methods, see the Store API Authentication reference.
Use a publishable API key for public endpoints like browsing products:
<SdkClientSetup />// Public endpoints work without user authentication
const products = await client.products.list()
For authenticated customer actions like viewing orders or managing addresses:
<AuthJwtExample />// Refresh token when needed
const newTokens = await client.auth.refresh({ token })
const { token, user } = await client.customers.create({
email: '[email protected]',
password: 'password123',
password_confirmation: 'password123',
first_name: 'John',
last_name: 'Doe',
})
For guest checkout, use the token returned when creating a cart. The SDK automatically sends it via the x-spree-token header:
const options = { spreeToken: cart.token }
// Update cart with email
await client.carts.update(cart.id, {
email: '[email protected]',
}, options)
// Complete checkout
await client.carts.complete(cart.id, options)