Concepts

How Snowcone works

One page on the mental model — the nouns, where they live, and how a render becomes a sale — so every other page has a place to hang.

The whole model

Snowcone turns three values — a product, your artwork, and your public Shop ID — into a buyable, printed product. Those three values build a mockup URL; swap img for buy on the same URL and you have checkout. Everything else on this site is a deeper layer over those two URLs.

Asset

BEEB77Product

shop=Shop ID

Mockupimg URL

Salebuy URL

There is nothing to install to render or sell. The SDK and React components are optional conveniences over the URLs — never required.

The objects

Seven nouns cover almost everything you’ll touch. You meet them roughly in this order — identity, the product, what you composite, then the result.

Shop ID: Your public identity, like a Cloudinary cloud name. It says which shop a render or sale belongs to and resolves your prices. Safe to expose; mint one with a single API call.
Product: A buyable item in the public catalog (a Framed Canvas, a Tee), addressed by a short product code like BEEB77. The product code is the path of every mockup and buy URL.
Asset: Your artwork — any publicly fetchable image URL. The renderer fetches it server-side and composites it onto the product, so it must not be localhost or auth-walled.
Placement: A print area on a product (front, back, sleeve). Products with more than one are addressed with asset.<key> per area.
Option / Variant: The choosable attributes (size, color) and the specific combination a shopper buys. Selected in a URL with opt.<attr> or color.<key>.
Mockup: The result: your asset rendered on the product, as a public image URL on img.snowcone.app. Nothing is pre-computed — the URL is both the render request and the cache key.
Catalog: The public Meilisearch index of every product — names, prices, mockups, placements, options. The product code is the document id.

Where things live

Four hosts, one job each. You can build a whole business touching only the first three — the API is for when you outgrow the URLs.

img.snowcone.appRenders mockups. The product is the path; asset + shop are the query.search.snowcone.appThe public catalog (Meilisearch). Read-only; the search key is public.buy.snowcone.appHosted checkout. The mockup URL with img → buy drops the item in a cart.api.snowcone.appThe backend API: mint/claim shops, realtime grants, the Orders API.

The security ladder

Security is progressive: start fully public, lock down only as far as you need. Each rung adds protection on top of the one before — you never trade the Shop ID away, you constrain what it can do.

1
Public Shop ID
The default. The Shop ID alone renders and sells. Open and safe to expose — the worst a leaked ID does is render your own catalog.
2
Asset-origin allowlist
Restrict which image hosts may be composited, so a stolen ID can’t render arbitrary artwork. This is the real anti-theft knob.
3
Signed URLs
Your server appends an HMAC &signature. Only you can mint valid URLs; the secret never leaves your backend.
4
Secret API keys
Server-side sk_ keys for privileged calls (the Orders API, managing a shop). Bearer-authorized, never shipped to a browser.

Most shops never go past rung two. Signing and secret keys matter once real money flows through a locked-down storefront.

How you grow

The same primitive scales from a single image to a full business. A natural path:

1 · Render

One mockup URL on a page. Add a hosted buy button and you’re selling. Start at Get started.

2 · Build a storefront

Pull the catalog, add options and placements, and ship a real storefront. The guides walk through complete builds.

3 · Own checkout

Take payment yourself and POST the order via the Orders API; we print and ship behind your brand.