Any user, including users without an auth token, should be able to get store items and collections. I don't think store items are sensitive info.
The main use case of this is to generate website previews for store pages. Currently, when Discord generates a website embed for a store page, it won't have an auth token, so it gets redirected to the login page.
The front end can then handle preventing users from making orders if they can't access the store (e.g. replacing the "Add to Cart" button with a login button)
Any user, including users without an auth token, should be able to get store items and collections. I don't think store items are sensitive info.
The main use case of this is to generate website previews for store pages. Currently, when Discord generates a website embed for a store page, it won't have an auth token, so it gets redirected to the login page.
The front end can then handle preventing users from making orders if they can't access the store (e.g. replacing the "Add to Cart" button with a login button)