This applies if you use Printful’s API for a custom-built solution or integration.
Why are legacy API keys being phased out?
We’re replacing API keys with Private Tokens and Public Apps to improve security, flexibility, and future readiness:
- Secure – OAuth 2.0 replaces HTTP Basic authentication, offering a much higher level of security. If a token is compromised, it can be revoked instantly.
- Versatile – Tokens can have customized permissions and access scopes.
- Future-proof – The token-based system is designed to support upcoming API features.
Who needs to migrate?
All existing API customers who still use legacy API keys must migrate to the new API tokens to continue accessing the Printful API.
Key dates
- September 30, 2022 – Creation of legacy API keys was disabled in the Dashboard.
- March 30, 2023 – Legacy API keys stopped working. All API requests now require new tokens.
How to migrate to API tokens
-
Generate a new API token
- Go to the Printful Developers portal.
- Create a:
- Private Token – for features tied to a specific store.
- Public App – for an application that will be used by other Printful customers.
-
Update your request authentication method
- Old method (legacy keys): HTTP Basic authentication with an Authorization header containing a Base64-encoded API key.
- New method (tokens): OAuth 2.0 authentication, using access_token and token_type in the Authorization header.
- See the API documentation for examples and implementation details.
Benefits of using API tokens
- Stronger security with OAuth 2.0.
- Custom name and contact email for each token.
- Optional expiration date.
- Adjustable scopes to control access per token.
No development resources?
If you can’t make the changes yourself, you can work with a freelance developer or agency to handle the migration for you. Platforms like Fiverr or Upwork have developers experienced with API integrations.
Tip: You can also use our Fiverr partnership discount to find vetted freelancers at a lower cost.