Per-tenant Bearer keys for /api/v1/* clients. Issued, hashed (argon2id), and rotated server-side — the cleartext key is shown to you exactly once at creation.
products:read
content:read
inventory:read
partners:read
search:read
cart:read
shipping:read
storefront:read
checkout:write
products:write
orders:read
orders:write
customers:read
returns:write
leads:write
analytics:write
cart:write
wholesale:write
Issue your first key to give an external client access to /api/v1/*.