Authentication is a crucial aspect of API integrations, backend, and frontend app development. It ensures authorized access by requiring valid credentials like API keys or tokens. This shields sensitive data, prevents breaches, and builds user trust. Get started with VTEX authentication for developers with the following guides:
- API authentication using application keys
- API authentication using user tokens
- App authentication using auth tokens
There are different contexts in which authentication is required in the regular functioning of a VTEX store. Below are some example use cases and the recommended authentication methods.
| Use case | Indicated authentication methods |
|---|---|
| Backend VTEX IO app | User token via VTEX IO context, or, if needed, app authentication token via VTEX IO context |
| Frontend VTEX IO app | User token via VTEX IO context |
| Self-hosted backend request to VTEX APIs | Application keys |
| Self-hosted frontend request to VTEX APIs | User token |
Single sign on integrations
VTEX allows stores to integrate with external identity providers to provide single sign on (SSO) experiences to shoppers and Administrative users. You can learn more about this in the article Login (SSO) and below you can find more information on these and other SSO use cases:
- Store SSO with OAuth 2.0
- Admin SSO with SAML 2.0
- Use your VTEX account as an OAuth provider
- Unifying login for different accounts
Learn more
- Authorization: Users, Roles and License Manager Resources
- Auditability: Audit