Hello,
is there any way to connect to /api/ucp/mcp endpoint in a store that is password-protected? Currently, such an attempt returns a 302 status with a redirect to the /password page. I don’t want to disable the password protection until the store is ready to be published. I’m trying to create an application for my customers that doesn’t require an auth token to fetch the product catalog.
Hey @PioSlo! No. If the Online Store password is enabled, /api/ucp/mcp is protected by the same storefront password gate, so the 302 redirect to /password is expected.
There is no supported way to make that merchant scoped UCP MCP endpoint publicly accessible while keeping the storefront password enabled at the moment
For building and testing before launch, use a development or “staging” store with the password disabled (separate to the store you’re currently working on).
It has been asked about before, so I logged this as a feature request internally - thanks for raising this!