Fourthwall API Surfaces: Which API Does My Key Authenticate With?
Updated May 13, 2026
Match each developer credential to the Fourthwall API surface it actually authenticates against
Fourthwall exposes three separate API surfaces, and each accepts a different credential. The credential you generate is tied to the tab you generated it from. Use this article to confirm which API your key works against before you start sending requests, or to diagnose a 401 response after you have.
There are two credentials and three APIs:
- OpenAPI credential (from the OpenAPI tab). Authenticates against the Platform Open API and the Product Offer Open API.
- Storefront API token (from the Storefront API tab, formerly labeled Headless). Authenticates against the Storefront API only.
Both credentials are sent as a Bearer token in the Authorization header. They are not interchangeable.
Where to generate each credential
Both credentials live in the same dashboard area but on different tabs.
- Go to Settings > For Developers in your Fourthwall dashboard.
- Pick the tab that matches the API you want to call.
- OpenAPI tab for the Platform Open API and the Product Offer Open API.
- Storefront API tab for the Storefront API.
- Generate or copy your credential. Treat it like a password.
OpenAPI credential (OpenAPI tab)
The credential generated from the OpenAPI tab authenticates against two APIs that share the same key.
Platform Open API
Host: api.fourthwall.com
The Platform Open API exposes OAuth-scoped endpoints for shop data. Common endpoints include:
/mefor the authenticated account/productsfor your full product catalog/ordersfor order records
Use this API when you need read or write access to platform-level data such as orders, products, and account info.
Product Offer Open API
Host: storefront.fourthwall.com/api/product-offers
The Product Offer Open API is read-only. It returns your published product offers, including images, variants, and prices. For details on the request and response shape, see Product Offer Open API.
Sending the credential
Include the credential in the Authorization header on every request to either API:
Authorization: Bearer YOUR_OPENAPI_CREDENTIAL
Storefront API token (Storefront API tab)
The token generated from the Storefront API tab is a separate credential. In code and starter templates it is often referred to as storefront_token.
Host: storefront-api.fourthwall.com
The Storefront API powers custom headless storefronts. It serves product data and cart actions, and redirects supporters to the Fourthwall-hosted checkout. For the full feature set, see Storefront API.
Send the token as a Bearer value:
Authorization: Bearer YOUR_STOREFRONT_TOKEN
The dashboard tab is currently labeled Storefront API. Older documentation and links may still call this the Headless tab. They refer to the same place.
Quick lookup
| Credential source | Sends to | Host | Auth header |
|---|---|---|---|
| OpenAPI tab | Platform Open API | api.fourthwall.com | Authorization: Bearer ... |
| OpenAPI tab | Product Offer Open API | storefront.fourthwall.com/api/product-offers | Authorization: Bearer ... |
| Storefront API tab | Storefront API | storefront-api.fourthwall.com | Authorization: Bearer ... |
The two hosts storefront.fourthwall.com and storefront-api.fourthwall.com look similar but belong to different APIs and accept different credentials.
Picking the right credential for your project
- Building a custom headless storefront with product browsing, cart, and checkout redirect? Generate a Storefront API token from the Storefront API tab.
- Pulling published product data into a dashboard, app, or external site without cart actions? Generate an OpenAPI credential and call the Product Offer Open API at
storefront.fourthwall.com/api/product-offers. - Reading or writing platform data (orders, account info, full product records)? Generate an OpenAPI credential and call the Platform Open API at
api.fourthwall.com. - Building an installable third-party app that other creators authorize through OAuth? Register an app on the Developer Platform instead of using a long-lived credential. See Developer Platform: Building Apps and Webhooks.
Troubleshooting 401 responses
A 401 from any of the three APIs almost always means the wrong credential, not the wrong host.
Check these in order:
- Confirm the tab. Did the credential come from the OpenAPI tab or the Storefront API tab? A Storefront API token will not authenticate against
api.fourthwall.comorstorefront.fourthwall.com/api/product-offers. An OpenAPI credential will not authenticate againststorefront-api.fourthwall.com. - Confirm the header format. Both credentials use
Authorization: Bearer YOUR_TOKEN. A missingBearerprefix or an extra space causes a 401. - Confirm the host.
storefront.fourthwall.comandstorefront-api.fourthwall.comare different services. The hyphen matters. - Confirm the credential is current. If you regenerated or rotated the credential, older clients still using the old value will start returning 401.
If all four check out and you still get a 401, contact support@fourthwall.com with the host you are calling and the tab you generated the credential from.
Frequently asked questions
Can I use one credential for all three APIs?
No. The OpenAPI credential covers the Platform Open API and the Product Offer Open API. The Storefront API token covers only the Storefront API. You need both if your integration calls all three.
Why does the Storefront API tab sometimes appear as "Headless"?
The tab was previously labeled Headless. The current dashboard label is Storefront API. The credential and the host are unchanged.
Are the OpenAPI credential and Storefront API token rate-limited?
Rate limit details are returned in response headers. If you make many requests in a short period, add request throttling and watch for Retry-After hints.
Where do I find the full reference for each API?
The full OpenAPI reference is linked from the OpenAPI tab in Settings > For Developers. The full Storefront API reference is linked from the Storefront API tab in the same area.
If you have any questions, do not hesitate to contact us at support@fourthwall.com.