Skip to content
Back to docs

Documentation

Connecting your WooCommerce store

The core dashboard works through WooCommerce's built-in REST API — no plugin needed. The whole connection takes under a minute and uses read-only credentials by default.

1

Open WooCommerce → Settings → Advanced → REST API

In your WordPress admin, navigate to WooCommerce → Settings → Advanced → REST API. Click Add key.

The URL looks like /wp-admin/admin.php?page=wc-settings&tab=advanced&section=keys.

2

Configure the key

  • Description: something memorable like StorePack.
  • User: pick a WordPress admin user. We recommend a dedicated user (e.g. storepack-bot) so it's easy to revoke.
  • Permissions: Read is enough for analytics and reporting. Pick Read/Write if you want StorePack to apply coupons, push bulk product edits, or process refunds from the dashboard.

Click Generate API key.

3

Copy both keys before you leave the page

WooCommerce shows the Consumer key (starts with ck_) and Consumer secret (starts with cs_) only once. Copy both before you navigate away — they cannot be retrieved later, only regenerated.

Treat these like passwords. If you accidentally leak them, revoke the key in WooCommerce and create a new one — your StorePack connection updates seamlessly on next sync.

4

Paste into StorePack

Open StorePack → Settings → Stores → Connect WooCommerce. Paste:

  • Site URL — e.g. https://mystore.com (no trailing slash, no /wp-json).
  • Consumer key (the ck_… string).
  • Consumer secret (the cs_… string).

StorePack pings your site to verify the credentials, then kicks off a backfill of the last 12 months of orders. Live updates run as 5-minute deltas afterwards.

REST API key vs. Application Password — which do I need?

WordPress and WooCommerce expose two different REST APIs with different auth schemes. StorePack uses the right one automatically based on which feature you're using.

WooCommerce REST API key (required)

Pair of ck_… / cs_… generated from WooCommerce settings. Powers everything under /wc/v3/*: orders, products, customers, coupons, refunds, variations, shipping, taxes. This is what you set up above.

WordPress Application Password (optional)

Generated from Users → Profile → Application Passwords in WordPress. Only needed if you want StorePack to edit your storefront pages, theme settings, navigation menus, or site settings (the WP-native /wp/v2/* endpoints).

You can start with the REST API key alone and add the Application Password later, from Settings → Stores → WordPress credentials.

What works after this step

With just the WooCommerce REST API key in place, you unlock:

  • Real-time orders, refunds, customers
  • Revenue, AOV, repeat-rate analytics
  • RFM segmentation + cohort views
  • Coupon CRUD
  • Bulk product editing and exports
  • Product reviews import
  • Profit tracker (with COGS upload)
  • Mobile app — full data access

Storefront features — abandoned-cart recovery, visitor tracking, announcement bars, post-purchase upsell, on-site reviews rendering — need the StorePack companion plugin.

Troubleshooting

“Authentication failed” — Double-check there's no trailing slash on the site URL and no /wp-json suffix. Verify the keys haven't been revoked in WooCommerce.

“Site unreachable” — If your store is behind a security plugin (Wordfence, iThemes), make sure REST API requests aren't being blocked. StorePack's outbound IPs are documented at support@storepack.app on request.

“Read-only key, cannot apply coupon” — Regenerate the key with Read/Write permission in WooCommerce, then update the credentials in StorePack.

Need the storefront features (cart recovery, visitor tracking, announcement bars)?

Install the companion plugin