API keys are shop specific and are tightly scoped to that determine what actions a key is authorized to perform. A single key may have as many scopes as you wish and scopes may be added or removed in the developers page of your Loop admin.

If the API key you are using does not have the needed scope you will get a 401 Unauthorized response with the following body:

"errors": "Unauthorized."

API Key Scope Quick Reference:

Scope

Available Endpoints

Returns

Advanced Shipping Notice, Process Return, Flag Return, Cancel Return, Close Return, Return Details

Orders

Deeplink, Blocklist, Allowlist

Carts

On-store, On-store Snippet

Reports

[Coming Soon]