The Authorization header contains the API key you can use to make authenticated requests to the Rye API. It is important that you do not share this key with anyone else, as it can be used to make requests on your behalf. If you believe your API key has been compromised, you can contact us and we will generate a new key for you.

Your API key is unique to each API environment, which means your staging API key will not work when making requests to the production API, and vice versa. Make sure you are using the correct key for the environment you are working in.

The authorization header is required for developers to be able to access all queries/mutations of the Rye API. The header can be obtained from the Rye console, Under Account → Access and Security, view and copy your API key.


This header is required for making requests on behalf of the end user. Some fraud detection and prevention mechanisms will use the IP address of the end user to determine the legitimacy of the request; for instance, checking if the shopper’s IP address geolocates to an area near the billing address.

This header is required for API operations that involve placing orders. Failing to provide a valid IP address will result in a SHOPPER_IP_IS_REQUIRED error being returned.

	"Rye-Shopper-IP": ""

Rye-Shopper-IP header is required to use the submitCart mutation.

Where to find these headers

These headers can be found if you head to and click on the HTTP Headers tab at the bottom of the screen.