To integrate Ecwid with Lovable, create a Supabase Edge Function that proxies Ecwid REST API calls using your store ID and Bearer token stored in Cloud Secrets. This lets you build custom storefront components, embed Ecwid product widgets into existing pages, and create admin tools for products, orders, and customers — without exposing credentials in frontend code. Setup takes about 40 minutes.
Embed Your Ecwid Store into a Lovable App with Custom Storefront Components
Ecwid's core design principle is embeddability — it's built to drop into any existing website as a store widget. But with Lovable, you can go further: use Ecwid as your product and order management backend while building a fully custom storefront UI in React. Your products, inventory, and customer data stay in Ecwid's admin, but customers experience a polished, branded frontend that you design in Lovable rather than Ecwid's default store theme.
The integration has two distinct layers. The REST API layer (handled by an Edge Function) gives you programmatic access to Ecwid's product catalog, orders, and customer data. The JavaScript widget layer lets you embed Ecwid's built-in storefront directly into any page — useful for the actual checkout flow where Ecwid handles payment processing and cart state natively. Using both together gives you maximum flexibility: custom product browsing and content pages in React, with Ecwid's battle-tested checkout embedded for the purchase flow.
Ecwid differs from BigCommerce in its deployment model: Ecwid is designed to add a store to an existing site (embed a widget, connect to an API), while BigCommerce is a standalone headless commerce platform built for custom storefronts from the ground up. If you have an existing website or app and want to add e-commerce capabilities, Ecwid's embed-first approach makes it easier to start. If you're building a new commerce-first application, BigCommerce's more comprehensive headless API may be a better fit.
Integration method
Ecwid integration in Lovable works by routing REST API calls through Supabase Edge Functions running on Deno. Your Ecwid Bearer token and store ID are stored as encrypted secrets in Cloud → Secrets and accessed via Deno.env.get() — never exposed to the browser. The React frontend calls the Edge Function to fetch products, orders, and customer data, while Ecwid's JavaScript widget can be embedded directly for the checkout experience.
Prerequisites
- An active Ecwid store — sign up free at ecwid.com (free plan limited to 10 products; paid plans for unlimited products and full API access)
- Ecwid Business plan or higher for full REST API access — the free plan restricts API capabilities
- Your Ecwid store ID (visible in your store admin URL: app.ecwid.com/store/{STORE_ID}) and REST API secret token from Settings → API
- A Lovable project with Lovable Cloud enabled (the default for all new projects)
- Products already added to your Ecwid store to test the integration with real data
Step-by-step guide
Get your Ecwid Store ID and API secret token
Get your Ecwid Store ID and API secret token
Log in to your Ecwid admin at app.ecwid.com. Your store ID is visible in the browser URL when you're in the admin — look for '/store/{number}' in the address bar. Write down this number — it's required for all API calls. To generate an API token, go to Settings in your Ecwid admin left navigation, then click API. Click Generate New Token. Ecwid displays a token configuration screen where you can set the token name and select the permission scopes — check Read orders, Update orders, Read products, Update products, Read customers, and Read store profile. Click Generate. The secret token is displayed once — copy it immediately as Ecwid doesn't show the full value again after this screen. Ecwid's REST API base URL is https://app.ecwid.com/api/v3/{storeId}/ where {storeId} is your numeric store ID. All API calls require two things: the store ID in the URL path and the secret token as a Bearer token in the Authorization header. Ecwid also provides a public token for read-only public catalog data (products visible to non-logged-in visitors) — the secret token in this guide is for operations that require store owner access, including order management and customer data.
Pro tip: If you don't see an API section in Settings, your Ecwid plan may not include REST API access. Check Ecwid's plan comparison page — full REST API requires Business plan or higher. The free plan has limited API functionality.
Expected result: You have your Ecwid store ID (a numeric value like '12345678') and a secret API token copied from Settings → API.
Store Ecwid credentials in Cloud Secrets
Store Ecwid credentials in Cloud Secrets
In your Lovable project, click the '+' icon next to the Preview panel to open the Cloud tab. Click Secrets in the left sidebar. Click Add Secret to create each credential. Add ECWID_STORE_ID with your numeric store ID as the value (e.g., '12345678'). Add ECWID_SECRET_TOKEN with your Ecwid API secret token as the value. Click Save for each. Note that for embedding the Ecwid JavaScript widget directly in the browser, your store ID is considered public information (it appears in the Ecwid widget's JavaScript initialization code). However, your secret token must never appear in frontend code — it grants write access to your store's orders and products. All REST API calls that use the secret token must go through the Edge Function. The public token (a separate shorter token also available in Settings → API) can be used in frontend code for read-only public product catalog browsing if you don't want to route every product fetch through an Edge Function. Lovable's Cloud Secrets encrypts all values on save. The security system blocks approximately 1,200 hardcoded API keys daily — using Cloud Secrets keeps your Ecwid credentials protected.
Pro tip: Store your ECWID_STORE_ID as a Cloud Secret even though it's not sensitive — this makes it easy to test with a different store or staging environment without changing code.
Expected result: Cloud → Secrets shows ECWID_STORE_ID and ECWID_SECRET_TOKEN as encrypted entries.
Create the Ecwid Edge Function proxy
Create the Ecwid Edge Function proxy
Create the Edge Function that proxies Ecwid REST API calls. Type the prompt below into Lovable's chat. Lovable will generate the TypeScript at supabase/functions/ecwid-proxy/index.ts and deploy it to Cloud. The Edge Function constructs the Ecwid API base URL using the store ID from Deno.env.get('ECWID_STORE_ID') and authenticates using the secret token in the Authorization header. It accepts a 'path' query parameter for the specific endpoint to call (e.g., '/products', '/orders', '/customers'), a 'method' parameter (GET, POST, PUT, DELETE), and forwards the request body for write operations. The function also passes through query parameters to the Ecwid API — this is important because Ecwid's list endpoints use query parameters extensively for filtering, sorting, and pagination (e.g., ?sortBy=PRICE_ASC&limit=25&offset=0&categoryId=123). Any query parameters in the incoming request that aren't 'path' or 'method' get forwarded to the Ecwid API URL. CORS headers are included on all responses.
Create a Supabase Edge Function at supabase/functions/ecwid-proxy/index.ts that proxies requests to the Ecwid REST API. Use Deno.env.get('ECWID_STORE_ID') and Deno.env.get('ECWID_SECRET_TOKEN') for credentials. Build the base URL as https://app.ecwid.com/api/v3/{storeId}/. Accept a 'path' query parameter (e.g., 'products', 'orders', 'categories') and a 'method' parameter (GET, POST, PUT, DELETE). Authenticate with Bearer token in the Authorization header. Forward all other query parameters from the incoming request to the Ecwid API URL for filtering and pagination. Include CORS headers in all responses.
Paste this in Lovable chat
1import { serve } from 'https://deno.land/std@0.168.0/http/server.ts'23const corsHeaders = {4 'Access-Control-Allow-Origin': '*',5 'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type',6}78serve(async (req) => {9 if (req.method === 'OPTIONS') {10 return new Response('ok', { headers: corsHeaders })11 }1213 try {14 const storeId = Deno.env.get('ECWID_STORE_ID')15 const secretToken = Deno.env.get('ECWID_SECRET_TOKEN')1617 if (!storeId || !secretToken) {18 return new Response(19 JSON.stringify({ error: 'ECWID_STORE_ID or ECWID_SECRET_TOKEN not configured in Cloud Secrets' }),20 { status: 500, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }21 )22 }2324 const ecwidBase = `https://app.ecwid.com/api/v3/${storeId}`25 const url = new URL(req.url)26 const apiPath = url.searchParams.get('path') || 'products'27 const method = url.searchParams.get('method') || 'GET'2829 // Forward all non-proxy params to Ecwid30 const ecwidParams = new URLSearchParams()31 for (const [key, value] of url.searchParams.entries()) {32 if (key !== 'path' && key !== 'method') {33 ecwidParams.append(key, value)34 }35 }3637 const paramString = ecwidParams.toString()38 const ecwidUrl = `${ecwidBase}/${apiPath}${paramString ? '?' + paramString : ''}`3940 const requestInit: RequestInit = {41 method,42 headers: {43 'Authorization': `Bearer ${secretToken}`,44 'Content-Type': 'application/json',45 'Accept': 'application/json',46 },47 }4849 if (method !== 'GET' && method !== 'HEAD') {50 requestInit.body = await req.text()51 }5253 const ecwidRes = await fetch(ecwidUrl, requestInit)54 const data = await ecwidRes.json()5556 return new Response(JSON.stringify(data), {57 status: ecwidRes.status,58 headers: { ...corsHeaders, 'Content-Type': 'application/json' },59 })60 } catch (error) {61 return new Response(62 JSON.stringify({ error: error.message }),63 { status: 500, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }64 )65 }66})Pro tip: Ecwid's product list response includes a 'total' count and 'count' and 'offset' fields for pagination. Use these to build infinite scroll or 'Load More' pagination in your product catalog component.
Expected result: Lovable deploys the ecwid-proxy Edge Function to Cloud. The function is ready to proxy Ecwid API calls for products, orders, and customers.
Build the product catalog and embed the Ecwid widget
Build the product catalog and embed the Ecwid widget
With the Edge Function deployed, build your Ecwid-powered storefront in Lovable. This typically involves two parallel tracks: a custom React product catalog for browsing, and the embedded Ecwid JavaScript widget for checkout. For the custom product catalog, call the Edge Function with path=products to fetch your Ecwid product catalog. Ecwid's product objects include id, name, description, price, compareToPrice (original price for sale items), thumbnailUrl, imageUrl, inStock, quantity, categoryIds, and options (for variants like size and color). Lovable will generate TypeScript interfaces for these types. For the embedded Ecwid checkout widget, Ecwid provides a JavaScript snippet that loads the full store widget into any div. The widget handles cart management, checkout, and payment natively. Add this to your React component using a useEffect hook that loads the Ecwid script and initializes the widget with your store ID. Your store ID is not sensitive — it can appear in the React component code (or as a Vite environment variable with VITE_ prefix) since Ecwid's widget only reads public catalog data using the store ID. For complex configurations involving custom product variants, B2B pricing, or member-only discounts, RapidDev's team can help design the right combination of Ecwid REST API calls and widget customization options for your specific use case.
Build a product catalog page using the ecwid-proxy Edge Function. Fetch products via path=products&limit=24&offset=0. Display a responsive product grid with thumbnail image, product name, price (show compareToPrice crossed out if there's a sale), and in-stock badge. Add category filter tabs by fetching categories via path=categories. On product card click, open a detail modal showing full images, description, and options (size/color dropdowns if variants exist). Below the custom catalog, add a separate Shop page that embeds the full Ecwid JavaScript widget using my store ID. Load the Ecwid script in a React useEffect and render the widget in a div with id='my-store-{storeId}'.
Paste this in Lovable chat
1// React component for embedding the Ecwid widget2import { useEffect } from 'react'34const ECWID_STORE_ID = import.meta.env.VITE_ECWID_STORE_ID56export function EcwidStore() {7 useEffect(() => {8 // Load Ecwid script if not already loaded9 if (!window.Ecwid) {10 const script = document.createElement('script')11 script.src = `https://app.ecwid.com/script.js?${ECWID_STORE_ID}`12 script.setAttribute('charset', 'utf-8')13 script.setAttribute('data-cfasync', 'false')14 document.head.appendChild(script)1516 script.onload = () => {17 window.Ecwid.init()18 }19 } else {20 window.Ecwid.init()21 }2223 return () => {24 // Cleanup on unmount if needed25 }26 }, [])2728 return (29 <div className="ecwid-store">30 <div id={`my-store-${ECWID_STORE_ID}`} />31 </div>32 )33}Pro tip: Add VITE_ECWID_STORE_ID to your Lovable project's environment variables for the Ecwid widget embedding. Unlike the secret token, your store ID is public and safe to use in VITE_ prefixed variables accessible from the React frontend. Only the SECRET_TOKEN needs Cloud Secrets protection.
Expected result: The custom product catalog shows Ecwid products from your store with category filtering. The embedded Ecwid widget page loads the full Ecwid storefront widget with cart and checkout functionality.
Common use cases
Custom product catalog with Ecwid inventory
Build a custom-designed product catalog page in Lovable that pulls live product data from your Ecwid store — images, prices, descriptions, stock levels, and categories. Customers browse a fully branded experience while all inventory management stays in Ecwid admin.
Create a product catalog page that fetches products from my Ecwid store via an Edge Function using the Ecwid REST API GET /products endpoint. Display products in a responsive grid with product image, name, price, and stock status. Add category filter buttons using the categories from GET /categories. When a customer clicks a product, show a detail modal with the full description, all images, and an Add to Cart button that adds it to the Ecwid cart via the JavaScript Widget API. Store my ECWID_STORE_ID and ECWID_SECRET_TOKEN in Cloud Secrets.
Copy this prompt to try it in Lovable
Embedded Ecwid checkout within a Lovable page
Embed Ecwid's full JavaScript storefront widget into a specific page of your Lovable app, giving customers access to Ecwid's cart and checkout without building those complex flows yourself. The Ecwid widget handles payment, order confirmation, and inventory deduction automatically.
Add an embedded Ecwid store to my Shop page. Load the Ecwid JavaScript widget using my store ID from a React useEffect hook. Render the widget in a div with id 'my-store-{storeId}'. Style the surrounding page with my app's header, navigation, and footer from Lovable while the Ecwid widget fills the main content area. Make sure the Ecwid script tag loads the widget with the correct store ID stored as an environment variable.
Copy this prompt to try it in Lovable
Order management dashboard for store admins
Build an internal admin tool that shows recent Ecwid orders, their status, line items, and customer details. Admins can filter by order status and update order statuses without logging into Ecwid admin.
Build an order management dashboard that fetches recent orders from my Ecwid store via the ecwid-proxy Edge Function calling GET /orders. Show a table with order number, customer name, date, total, and payment/fulfillment status. Add status filter tabs. Clicking an order shows order items, customer shipping address, and a dropdown to change fulfillment status using PUT /orders/{orderId}. Use my ECWID_STORE_ID and ECWID_SECRET_TOKEN from Cloud Secrets.
Copy this prompt to try it in Lovable
Troubleshooting
API returns 401 Unauthorized or 'Access denied' response
Cause: The ECWID_SECRET_TOKEN in Cloud Secrets is incorrect or expired, or the token's permission scopes don't include the endpoint being accessed.
Solution: Log in to Ecwid admin → Settings → API and verify your token is still valid and has the required scopes checked (Read/Update orders, Read/Update products, etc.). If the token was regenerated or scopes changed, delete ECWID_SECRET_TOKEN from Cloud Secrets and add the new token value. Ecwid tokens do not expire automatically but can be revoked manually.
Products endpoint returns 0 items even though the store has products
Cause: Products on Ecwid's free plan may be restricted from API access, or the store ID in Cloud Secrets is wrong.
Solution: Verify ECWID_STORE_ID is your numeric store ID (visible in the Ecwid admin URL). Confirm your Ecwid plan includes REST API product access — the free plan has significant API restrictions. Try accessing https://app.ecwid.com/api/v3/{yourStoreId}/products directly in a browser to see if a public response is returned, which helps isolate whether it's a credentials issue or a plan restriction.
Ecwid JavaScript widget doesn't load in the Lovable preview
Cause: The Ecwid widget script may not load correctly in Lovable's preview iframe due to cross-origin restrictions, or the store ID variable is undefined.
Solution: Confirm VITE_ECWID_STORE_ID is set as an environment variable accessible to the frontend (not in Cloud Secrets, which is server-only). The Ecwid widget typically works better in the deployed version of your app than in Lovable's preview iframe. Deploy your app using Lovable's Publish button to test the widget in the live environment.
CORS error when calling the ecwid-proxy Edge Function
Cause: The Edge Function is not handling the OPTIONS preflight request before the credential check, or CORS headers are missing from error responses.
Solution: Verify the OPTIONS handler is the first check in the Edge Function before any logic. Confirm every Response in the function — including error returns and catch blocks — includes the corsHeaders spread. Redeploy the Edge Function via Lovable chat if CORS headers were missing.
1// OPTIONS must be first, before all other logic2if (req.method === 'OPTIONS') {3 return new Response('ok', { headers: corsHeaders })4}Best practices
- Use the Ecwid public token for read-only product catalog browsing in your React frontend — it doesn't require an Edge Function and reduces latency for common read operations. Reserve the secret token (via Edge Function) for operations requiring store owner access like order management.
- Implement image lazy loading on product catalog grids — Ecwid product images can be large and loading all images at once degrades page performance. Use React's native loading='lazy' attribute on img tags.
- Cache category data in Supabase or React state since categories change infrequently — fetching categories on every page load wastes API calls. A daily cache refresh is sufficient for most stores.
- Use Ecwid's product search endpoint (GET /products?keyword={query}) to power your search bar rather than client-side filtering — Ecwid's server-side search is faster and more accurate for large catalogs.
- Handle Ecwid's pagination carefully — the products and orders endpoints return a maximum of 100 items per request and a total count. Build proper pagination for stores with more than 100 products.
- For the embedded Ecwid widget, use Ecwid's JavaScript API (window.Ecwid.Cart, window.Ecwid.openPage) to interact with the widget programmatically — this lets your custom React components trigger cart additions and page navigation in the embedded widget.
- Test your integration with Ecwid's staging store feature before connecting your live store — create a test store with sample products to validate API calls don't affect your live inventory or orders.
Alternatives
BigCommerce is the better choice if you're building a commerce-first application from scratch and need enterprise-grade headless commerce APIs rather than embedding a store into an existing site.
Shopify is a better fit for stores needing a larger app ecosystem, more payment gateway options, and the strongest brand recognition in e-commerce, and is available as a Lovable native shared connector.
WooCommerce is the better choice if you want complete control over your store's server infrastructure and are already running WordPress for your website.
Frequently asked questions
What makes Ecwid different from other e-commerce platforms?
Ecwid's core differentiator is its embeddability — it's designed to add a store to any existing website via a JavaScript widget, rather than being a standalone storefront. You can embed the same Ecwid store on multiple websites simultaneously. This makes it ideal for businesses that already have a website and want to add e-commerce without rebuilding everything. The REST API lets you go further and build custom React frontends backed by Ecwid's inventory and order management.
Do I need a paid Ecwid plan to use the REST API?
Basic API access is available on the free plan, but it's limited. Full REST API functionality — including orders management, customer data, and advanced product operations — requires the Business plan or higher. The Venture plan includes basic REST API for products. Check Ecwid's pricing page for the current plan comparison, as the specific API features per plan change periodically.
Can I use the Ecwid JavaScript widget and the REST API together in the same Lovable app?
Yes, and this is actually the recommended pattern. Use the REST API via Edge Function for browsing and displaying products in your custom React UI, and use the embedded Ecwid JavaScript widget for the cart and checkout experience. The widget handles cart state, payment processing, and order creation natively — you don't need to build these complex flows yourself. Your custom product pages and the Ecwid checkout widget coexist on different pages or sections of your app.
What is Ecwid's store ID and is it safe to use in frontend code?
Your Ecwid store ID is a numeric identifier visible in your Ecwid admin URL. It's used to load the Ecwid JavaScript widget and identifies your store for public catalog requests. The store ID is considered public information — it appears in the widget's script tag which is visible to anyone who views your page source. It's safe to use as a VITE_ environment variable in frontend code. Only your API secret token needs to be protected in Cloud Secrets.
How does Ecwid handle inventory when both the widget and custom components are used?
When a customer adds a product to cart via the Ecwid JavaScript widget, Ecwid tracks cart state and inventory deduction through Ecwid's own cart system. The REST API reflects real-time inventory levels — when you fetch a product's quantity via the Edge Function, it shows the current available stock including any items already in active carts. There's no need to manage inventory synchronization separately; Ecwid handles it centrally.
Talk to an Expert
Our team has built 600+ apps. Get personalized help with your project.
Book a free consultation