As of November 13, 14h (GMT-2, Brazil time),VTEX will no longer allow integrations with our APIs to use email and password for authentication.

For all VTEX integrations, you will need to use an appKey and appToken pair, which you may obtain in the License Manager module.

Some stores used e-mail and password as authentication keys in their integrations with VTEX. This was allowed by our system, but was far from ideal.

Retailers made such choice mainly because only one pair of appKey and appToken was available, making it difficult to handle multiple integrations.

VTEX will block integrations via email and password. Starting November 13th, it will be necessary to generate an appKey and an appToken in License Manager and use these keys to authenticate any integration with the VTEX APIs.

Using the email and password for authentication compromises the security of your integrations.

• Check if your store uses email and password in any integration with VTEX APIs.
• If it does, create a pair of appKey and appToken for that integration. See how to do that in the article Creating appKeys and appTokens to authenticate integrations.

Attention: any pair of appKey and appToken, when created, is born without being linked to a role. So, after creating it, you need to link the appKey and appToken to the correspondent role.