As of 11/13 VTEX APIs will no longer support authentication via email and password

Breno Barreto

Breno Barreto

Last updated

As of November 13, 14h (GMT-2, Brazil time),VTEX will no longer allow integrations with our APIs to use email and password for authentication.

For all VTEX integrations, you will need to use an appKey and appToken pair, which you may obtain in the License Manager module.

How it was before

Some stores used e-mail and password as authentication keys in their integrations with VTEX. This was allowed by our system, but was far from ideal.

Retailers made such choice mainly because only one pair of appKey and appToken was available, making it difficult to handle multiple integrations.

What changes now

VTEX will block integrations via email and password. Starting November 13th, it will be necessary to generate an appKey and an appToken in License Manager and use these keys to authenticate any integration with the VTEX APIs.

Why

Using the email and password for authentication compromises the security of your integrations.

What you need to do

Attention: any pair of appKey and appToken, when created, is born without being linked to an access profile. So, after creating it, you need to link the appKey and appToken to the correspondent access profile.