All API requests require an API key for authentication. You can create and manage keys from your EcomWize dashboard.
Create an API key
Open API Keys
In your EcomWize dashboard, click API Keys in the sidebar.
Click Create API Key
Click the + Create API Key button in the top right.
Name your key
Give your key a descriptive name (e.g., “Production automation” or “Staging tests”).
Choose permission
Select the permission level:
- Full access — can read and edit pages (fill, duplicate)
- Read only — can only list and retrieve pages
Copy your key
Your API key is displayed once. Copy it immediately and store it securely. You will not be able to see it again.
Never share your API key or commit it to source code. Treat it like a password. If a key is compromised, revoke it immediately from the dashboard and create a new one.
Using your key
Include your API key in every request using the Authorization header:
curl https://app.ecomwize.io/api/v1/pages \
-H "Authorization: Bearer ew_live_your_key_here"
x-api-key header as an alternative:
curl https://app.ecomwize.io/api/v1/pages \
-H "x-api-key: ew_live_your_key_here"
ew_live_ prefix followed by 32 hexadecimal characters:
ew_live_a093d5bd20e6984f13f26a8ba371fe99
Permissions
| Permission | List pages | Get page | Fill page | Duplicate and fill |
|---|
| Full access | Yes | Yes | Yes | Yes |
| Read only | Yes | Yes | No | No |
403 error.
Revoking a key
To revoke an API key:
- Go to API Keys in your dashboard.
- Click the … menu on the key you want to revoke.
- Click Revoke Key and confirm.
Revoked keys stop working immediately. Any integrations using that key will receive a 401 error.
Security
- API keys are hashed before storage. EcomWize never stores your raw key.
- Failed authentication attempts are rate limited to prevent brute force attacks.
- All API requests are logged with timestamps, IP addresses, and status codes for your security.
