← SearchX

API Reference

Authentication

Learn how to authenticate with the SearchX API using API keys.

Overview

The SearchX API uses API keys for authentication. Each application has its own set of credentials consisting of an Application ID and an API Key.

Getting Your Credentials

  1. Log in to the SearchX Dashboard.
  2. Navigate to Applications and select your application.
  3. Go to the API Keys section.
  4. Copy your Application ID and API Key.

Using API Keys

Client-Side (SDK)

Pass your credentials when initializing the SDK:

SearchXSDK.init({
  app_id: 'YOUR_APP_ID',
  api_key: 'YOUR_API_KEY',
  // ...
});

Server-Side (REST API)

Include your credentials using the standard Authorization: Bearer header:

curl -X GET "https://admin.searchxengine.ai/api/v1/instant-search?q=shoes&app_id=YOUR_APP_ID" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

Or pass the API key as a query parameter:

curl -X GET "https://admin.searchxengine.ai/api/v1/instant-search?q=shoes&app_id=YOUR_APP_ID&api_key=YOUR_API_KEY"

Security Best Practices

Public API Keys

The API key used in client-side SDK integrations is a public key designed for search operations only. It cannot be used to modify your product data or application settings. Never expose your dashboard login credentials in client-side code.

  • Rotate keys regularly — Regenerate your API keys periodically from the dashboard.
  • Use environment variables — Store credentials in environment variables, not in source code.
  • Restrict by domain — Configure allowed domains in the dashboard to prevent unauthorized use.

Regenerating Keys

If your API key is compromised:

  1. Go to Applications > your app > API Keys.
  2. Click Regenerate Key.
  3. Update your integration with the new key.

Key Rotation

After regenerating a key, the old key is immediately invalidated. Make sure to update all integrations before or immediately after regeneration.

Previous
Playground
Next
Applications API