Authentication

How to authenticate your API requests with Price Hero API keys.

API key format

All Price Hero API requests must be authenticated using a Bearer API key in the Authorization header.

Authorization: Bearer <api_key>

Key types

EnvironmentPrefixUse for
Sandboxph_test_Development and testing
Liveph_live_Production requests

Sandbox keys are scoped to a subset of the catalog (see Sandbox mode) and don't charge real credits. Live keys have access to the full catalog.

Managing API keys

API keys are managed from the Developer Dashboard.

You can:

  • Create multiple keys (e.g. one per environment or application)
  • Name keys to identify their purpose
  • Revoke a key at any time — it stops working immediately
  • Rotate keys after any suspected exposure

You are responsible for all activity conducted under your API credentials, including any actions resulting from unauthorized use.

Security requirements

  • Never embed keys in client-side code. All API requests must be made from your server or a secured backend environment. Do not embed credentials in publicly accessible code, browser-side applications, or unsecured environments.
  • Restrict access to authorized personnel only. Do not share credentials with third parties or allow third-party direct access to the API.
  • Use environment variables. Store keys in .env files or a secrets manager — never hardcoded in source code.
  • Rotate keys regularly. Revoke and regenerate keys on a schedule or immediately after any suspected exposure.
  • Report compromised credentials promptly. If a key is compromised or you detect unauthorized use, revoke it immediately and notify mailys@pricehero.ai.
# Example: set in your shell or .env file
PRICE_HERO_API_KEY=ph_live_a1b2c3d4e5f6...

Example request

const response = await fetch("https://api.pricehero.ai/v3/catalog/query", {
  method: "POST",
  headers: {
    Authorization: `Bearer ${process.env.PRICE_HERO_API_KEY}`,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({ query: "Chanel Classic Flap" }),
});

For rate limits, caching rules, and prohibited usage, see Usage Policy.

Errors

If authentication fails, you'll receive a 401 Unauthorized response:

{
  "error": "unauthorized",
  "message": "Invalid or missing API key"
}

Quickstart

Make your first Price Hero API request in under 5 minutes.

Credits

How API credits work, what each request costs, and sandbox limits.

On this page

API key formatKey typesManaging API keysSecurity requirementsExample requestErrors
Authentication — Price Hero Docs