For merchants (Path C)
Merchants can mint store-scoped UCP credentials for their own server-side
automation instead of routing through the hosted bridge. This is the
client_credentials variant of the platform key — it authenticates as your store,
for your store.
Mint credentials
In Dashboard → Agents (artos-dashboard ):
- Mint a
client_id/client_secretwith scopes such aspurchase:completeandorders:read. - Exchange them for a bearer at the OAuth token endpoint:
curl -X POST https://api.artos.sh/ucp/oauth2/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d grant_type=client_credentials \
-d client_id=YOUR_CLIENT_ID \
-d client_secret=YOUR_CLIENT_SECRETThe returned bearer carries your store in its claims, so calls don’t need a separate store header.
When to use which path
| Use the hosted bridge (Path A) | Use merchant keys (Path C) |
|---|---|
| Consumer agents (Claude, Cursor) | Your own server-side automation |
| Cross-store buyer OAuth + crypto | Single-store, platform-controlled flows |
| AP2 mandate minting handled for you | You implement OAuth/AP2 yourself |
Merchant keys act as your store; they do not carry a buyer identity, so they cannot drive buyer-bound crypto checkout — that needs a buyer OAuth bearer (see Authentication).
View agent-attributed orders separately from human storefront traffic in the dashboard. For building a full client on these credentials, see Direct UCP.
Last updated on