Glue API: Retrieve protected resources

Edit on GitHub

Since shop owners can define which resources are protected, the list is different in each shop. That’s why, before sending any requests, you might need to check which resources are protected and authenticate.

In your development, the Customer Access API helps you to protect resources from guest access and perform pre-flight checks to avoid sending requests to protected resources without authentication.


For detailed information on the modules that provide the API functionality and related installation instructions, see Glue API: Customer Access feature integration.

Retrieve protected resources

To retrieve protected resources, send the request:

GET /customer-access


Request sample: retrieve protected resources



Response sample: retrieve protected resources

    "data": [
            "type": "customer-access",
            "id": null,
            "attributes": {
                "resourceTypes": [
            "links": {
                "self": ""
    "links": {
        "self": ""
resourceTypes String Contains a string array, where each element is a resource type that is protected from unauthorized access.

To view generic errors that originate from the Glue Application, see Reference information: GlueApplication errors.