How does creating a private API impact my online jewelry store?

Shopify Discussion
1

I have a jewelry supplier that sends me a product data file to import onto my store. My problem is I have to manually format the file to the requirements of Shopify. The supplier suggests I give them an API key so that the product file can be easily imported without the struggles I’m having (doing it manually). I’m new to all of this (online store business, API, etc.), so I don’t know what I’m doing. I have read the information Shopify has regarding the API, but I don’t know how this will affect my Shopify store. ‘Creating’ my private API won’t cause problems to my online store? Will I only use the Private API when I need to share with a supplier for adding product information to my store? Will I be able to select what the supplier has permission to access when sharing my Private API? What is the purpose of the API?

Thank you for all your help. I really need it.
Mary Anne Gibson | The Outlet, LLC | theoutletmjfu@gmail.com

2

Let’s break down your post into parts so it’s easier to talk through. Before we do that I would suggest that you ask the supplier these things:

  1. Are they able to use a Custom App instead of a private app.
  2. Do they have other customers that use their API integration, and can they share some examples

The supplier suggests I give them an API key so that the product file can be easily imported without the struggles I’m having (doing it manually).

It’s not a crazy idea. Whenever possible it does pay to automate and make the machines do all the boring work. It doesn’t mean it’s without risk and since you posted here you probably have that sense already.

I’m new to all of this (online store business, API, etc.), so I don’t know what I’m doing.

Totally ok. Everyone starts from the same place. You’re going to learn so much!

I have read the information Shopify has regarding the API, but I don’t know how this will affect my Shopify store. ‘Creating’ my private API won’t cause problems to my online store?

The creation of a private API key won’t effect your store but it does give access to your shops data. How someone uses that access is where the impact (good or bad) could come from. You’d never want to share key details with anyone unless you are very sure they can be trusted.

Will I only use the Private API when I need to share with a supplier for adding product information to my store?

It’s better for third parties to use a Custom App vs a Private App.
Some light reading on private apps:
https://help.shopify.com/en/manual/apps/private-apps

There’s so many suppliers out there that I expect you won’t get asked for API details that often. Those flat files like CSV, Excel, etc are still pretty common.

Will I be able to select what the supplier has permission to access when sharing my Private API?

Yes. When you create a private app you can enable and disable what objects (so product, order, collection, customer, etc) can be accessed. Access can be set to read or write as well but do note that write access gives read access. Read access does not give write access. That’s a tongue twister!

Since you are needing products to be created it would mean whoever you give the key to could add products, edit them, or delete them. If creating products is the only thing the supplier need then do not enable any other scope like orders, customers, etc. Make it as limited as possible.

What is the purpose of the API?

It’s a way for computers (applications/programs) to talk to each other. I assume your supplier has an app that automates creating products on Shopify stores. Don’t be shy in asking your supplier for more details on what the app does. Their ability to answer your questions in a way that makes you feel comfortable goes to whether they should have the trust to get access to your shop data.