Guides

By default, content fields outside of the content namespace are read-only via the Frontend API. In cases where you want your models and fields to display content and utilize business logic in a storefront, you’ll need to open the permissions.

For instance, let’s say that you want to integrate a fee system to your Swell store. This system will generate fees and apply them to orders using the Backend API. In the case where you want to display these fees to customers on the frontend, you will need to open the field’s permissions to get Frontend API access.

If custom fields are defined via the Swell dashboard and you want to make them publicly accessible to the Frontend API, you'll need to configure a specific public key with the desired permissions.

1
Choose a public key

Go to Developer → Console on the dashboard and make a GET request to /:clients and enter /:self/keys/ in the URI. In the response, find the current public key you wish to use and copy its id.

2
Make fields readable

Make a PUT request to /:clients and enter /:self/keys/<id_from_previous_step> in the URI field. In the console body, execute the following JSON to establish public read access.

Read access
{
  "permissions": {
    "<model_name_to_configure>": {
      "fields": ["<field_to_add_read_access>"]
    }
  }
}
3
Make fields writable

Edit the content field’s permissions by adding write access.

Write access
{
  "permissions": {
    "<model_name_to_configure>": {
      "input": {
        "fields": ["<field_to_add_write_access>"]
      }
    }
  }
}

That's all there is to it. You’ve successfully opened the content model and field’s permissions for Frontend API access.

Content fields can be made writable by use of input.fields.

Input fields
"input": {
  "fields": [
    "billing",
    "billing_schedule",
    "cancel_at_end",
    "canceled",
    "coupon_code",
    "date_pause_end",
    "items.id",
    "items.options",
    "items.product_id",
    "items.quantity",
    "items.variant_id",
    "options",
    "paused",
    "plan_id",
    "product_id",
    "quantity",
    "shipping",
    "variant_id"
  ]
}

Additionally, records can be limited to a logged-in account (where account_id = current user)

Limiting a record to a logged-in account
"scope": "account"