API Keys
API keys authenticate your applications with the Intufind cloud service. Use them for custom integrations, the JavaScript SDK, or direct API calls.
Prerequisites
- An active Intufind subscription
- Access to the web dashboard
Accessing API Keys
Navigate to API Keys from the dashboard or go directly to intufind.com/dashboard/api-keys.
Screenshot: dashboard-api-keys.png
Creating an API Key
- Click Create Key
- Enter a descriptive Key Name (e.g., "Production", "WordPress", "Staging")
- Select the Environment:
- Live (Production) — For production use
- Test (Development) — For development and testing
- Click Create Key
Screenshot: dashboard-create-key.png
Important: Copy Your Key
After creation, your full API key is displayed once. Copy it immediately.
Security Warning: You won't be able to see the full key again. If you lose it, you'll need to create a new one.
API Key List
Your existing keys are displayed with:
| Field | Description |
|---|---|
| Name | The label you provided |
| Prefix | First few characters (for identification) |
| Created | When the key was created |
| Last Used | When the key was last used |
| Status | Active, Revoked, or Expired |
Revoking a Key
To revoke a key:
- Click the ⋮ menu on the key row
- Select Revoke Key
- Confirm the action
Warning: Revoking a key is permanent. Any integrations using that key will immediately stop working.
Security Best Practices
Keep Keys Secret
- Never commit API keys to version control
- Don't share keys in public channels
- Use environment variables in your applications
Use Environment Variables
# .env file (never commit this)
INTUFIND_API_KEY=itf_live_abc123...
// In your code
const apiKey = process.env.INTUFIND_API_KEY;
Use Separate Keys Per Environment
Create distinct keys for:
- Development/local testing
- Staging/QA
- Production
This allows you to revoke a compromised key without affecting other environments.
Rotate Keys Periodically
For enhanced security:
- Create a new key
- Update your application to use the new key
- Verify everything works
- Revoke the old key
Using Your API Key
JavaScript SDK
import { IntucartClient } from '@intucart/sdk';
const client = new IntucartClient({
apiKey: process.env.INTUFIND_API_KEY,
});
// Search products
const results = await client.search.query({
query: 'warm jacket',
});
REST API
curl -X POST https://api.intufind.com/v1/search \
-H "Authorization: Bearer itf_live_abc123..." \
-H "Content-Type: application/json" \
-d '{"query": "warm jacket"}'
WordPress Plugin
The WordPress plugin manages its own API key during license activation. You don't need to manually create keys for WordPress.
Shopify App
The Shopify app handles authentication automatically through Shopify's billing system. No manual API key required.
Troubleshooting
"Subscription Required" Error
You need an active subscription to create API keys. Visit Billing to subscribe.
"Invalid API Key" Error
- Verify the key is copied correctly (no extra spaces)
- Check if the key has been revoked
- Ensure you're using the right environment (live vs. test)
Key Not Working After Creation
- Wait a few seconds for propagation
- Verify the key format starts with
itf_ - Check your subscription is still active
Next Steps
- Billing — Manage your subscription
- Developer Docs — API reference and SDK guides