Skip to main content
StoreInspect API requests use Bearer authentication. 
curl https://storeinspect.com/api/v1/usage \
  -H "Authorization: Bearer $STOREINSPECT_API_KEY"

Key handling

  • Store API keys in server-side environment variables.
  • Do not send API keys in query strings.
  • Use separate keys for separate integrations when possible.
  • Rotate keys immediately if they are exposed.
API access is paid-plan gated. Public docs and /openapi.json remain accessible without an API key.

Request IDs

Every API response includes an X-Request-Id header and a request_id field in the JSON body. Include the request ID when contacting support. 
X-Request-Id: req_abc123
StoreInspect request logs are privacy-safe. They do not store raw API keys or revealed contact channels.