Every Bundles Admin API request must carry a valid API key. Keys are created in the Appstle dashboard and scoped to a single Shopify store.
Creating an API key
Open API Key Management
Log in to your Appstle admin panel and navigate to Settings → API Key Management.
Create a new key
Click Create New Key and enter a descriptive name such as Bundles integration or ERP bundle sync.
Copy the key immediately
The full key value is shown only once. Store it in your secrets manager before leaving the page.
API keys grant access to store data. Never expose them in client-side JavaScript, browser extensions, mobile apps, or public repositories.
Using the API key
Include your key in the X-API-Key header on every Admin API request.
curl -X GET "https://bundles-admin.appstle.com/api/external/bundle-rules?shop=your-store.myshopify.com" -H "X-API-Key: apst_your-api-key-here"
const response = await fetch(
'https://bundles-admin.appstle.com/api/external/bundle-rules?shop=your-store.myshopify.com',
{
headers: {
'X-API-Key': process.env.APPSTLE_API_KEY,
},
}
);
const bundleRules = await response.json();
import os
import httpx
response = httpx.get(
'https://bundles-admin.appstle.com/api/external/bundle-rules',
params={'shop': 'your-store.myshopify.com'},
headers={'X-API-Key': os.environ['APPSTLE_API_KEY']},
)
print(response.json())
Create one API key per integration. If a tool is compromised or decommissioned, you can revoke that key without disrupting other integrations.
Storefront endpoints
Storefront endpoints power build-a-box and customer-facing bundle flows. They are documented separately from the Admin API because they are meant to be called in storefront contexts rather than backend integrations.