Personal Tokens
If you are planning to hire a developer to create a custom script, desktop application or web application integration for your Vend store they will need to gain access to your store's data via the Vend API. You can provide them with this access by creating a Personal Token. This is a unique code that grants the developer access to the data they need and allows you to manage these integrations on an individual basis.
Note: Tokens should not be used as a primary authentication mechanism for web based applications. Those applications should be using OAuth 2.0 authorisation as described in our developer documentation.
What is a Personal Token?
The Personal Token is the equivalent to a password and gives someone access to your vend account via the Vend API. While this doesn’t grant access to the sell screen it will provide the same level of access to the data as an admin user.
Important: By providing a developer with this token they will have full access to the data in your store. Make sure you send this privately and don’t publicly share the information anywhere.
How do I access it?
To create a token navigate to Setup -> Personal Tokens
Select 'Generate Personal Token'
And fill out the details below:
Token name: for this field put in a name for your reference. It is also important to make this unique to avoid any confusion if you have multiple tokens active.
Expiry date: This will be disabled by default however, if you only want the custom integration or script to be able to access your data for a limited time, you can specify a token expiry date.
Once this is done click 'Save' and copy the token to send it through to your developer(s).
If you are building multiple apps for your store it is recommended you create a token for each app.
Important: If the token you have provided a developer expires, the integration they have built will no longer work. You can extend or remove the expiry date by editing the current token or creating a new one.
How to user Personal Tokens to access the API?
Every request to sent to the Vend API needs to be authorised. The best way to do it is by adding the Authorization header, just like it's done for OAuth tokens:
Authorization: Bearer _here_goes_your_token_
In case of any questions regarding Personal Tokens or the API in general, please get in touch with our Developer Relations Team at api@vendhq.com
Related Articles
HTTP Basic Auth deprecation
Note: If you're not a developer and you don't have any integrations/addons then you probably don't need to worry about this! If you're unsure, read on to learn more. What is HTTP Basic Authentication? HTTP Basic Authentication is a mechanism used to ...Syncing inventory from multiple Vend stores with Shopify
When setting up Vend with Shopify, you can now combine and sync inventory from multiple Vend outlets and surface this on your Shopify store. You can select the inventory from one or more Vend outlets and make this available online for your customers ...Deleting Users in Vend
When you delete a user in Vend, you are permanently deleting the personal data relating to that user and then suppressing any further processing against that deleted user’s profile. For any content (e.g. sales, reports) previously associated with a ...Retail Metrics on the Vend Retail Dashboard
If you are currently on a Vend store plan that has access to the Retail Dashboard, you will be able to take full advantage of a range of advanced retail metrics. In addition to the Sales Performance section, you will have a choice of 9 different ...Purchases Overview
The Purchase module provides an easy way for businesses to order and purchase products for use in production and for sale. Some of the great features we provide are: easy to use database management tools for all your supplier and production ...