ventic ventic Beta
Back to FAQ
Ask about ventic platform

How can I generate an API key in ventic.ai?

An API key is the simplest way to connect your systems to ventic.ai. It allows your store, PIM, ERP, or middleware to send products and content into a specific project, and later retrieve data for search and agent experiences. In ventic.ai, API access is project-scoped, which means every key belongs to one project and can only access that project’s resources.

Where API keys live in the platform

API keys are managed inside your project settings. The API key area is not just a “create once” screen. It is an operational control panel where you can:

  • Generate keys for different integrations
  • Restrict permissions
  • Monitor usage
  • Suspend access instantly when needed
  • Control whether a public ACP feed is enabled

This is intentional. Agentic commerce integrations are rarely “one and done.” You typically have multiple data sources and services, and you need clear ownership and traceability.

How to generate an API key

The flow is straightforward:

  1. Open the project you want to connect.
  2. Go to the Project Settings area.
  3. Open the API Keys section.
  4. Create a new key and assign it a clear name and description (for example: “Shop feed sync,” “PIM connector,” “Internal BI read-only”).
  5. Choose the permission level and create the key.

After creation, you will be shown the raw key once. This is the moment to store it securely in your secret manager or deployment environment variables. If you lose it later, ventic.ai does not “reveal” it again. You create a new key instead.

How to manage API keys over time

A strong practice is to treat API keys as operational identities for integrations. That means: one key per system, not one key for everything.

In ventic.ai you can manage keys in three important ways:

Activate and suspend

Suspending a key immediately blocks access for that integration. This is the fastest, safest response when you suspect misuse, unexpected traffic, or you simply want to pause an integration during maintenance. You can reactivate later without losing the key record and its usage history.

Edit name and description

Clear naming matters once you have multiple keys. You want to know which key belongs to which system, who owns it, and what it is allowed to do. Good naming reduces mistakes and makes audits easy.

Monitor usage

The platform tracks usage indicators such as how often a key is used and when it was last seen. This helps you detect stale keys, confirm that a new integration is working, or spot suspicious spikes before they become an incident.

Permissions: how to grant the right level of access

When you create a key, you can choose a permission level. The intention is to separate safe, read-only use cases from integrations that can modify data.

A practical model looks like this:

  • Read-only keys for analytics, reporting, or external services that only need to query products or knowledge.
  • Read-write keys for catalog sync services that create, update, or delete products, feeds, and documents.

The best default is read-only. Only grant write permissions when an integration truly needs it, and keep those keys limited to the smallest possible blast radius by separating them per system.

The API endpoints you should know

All programmatic access is routed through the ventic.ai API gateway:

  • Public API base: api.ventic.ai
  • Swagger UI: api.ventic.ai/docs
  • OpenAPI specification: api.ventic.ai/openapi.json

These are the canonical endpoints your team will use to implement integrations, and they are also the best way to confirm what the platform supports at any given moment.

Public ACP feed: enabling a public endpoint that does not use your API key

API keys protect the authenticated API. However, ventic.ai also supports publishing products through a public ACP feed endpoint. This is an intentional design choice: protocols like ACP are built around the idea that a platform can ingest a merchant’s catalog from a URL and then index it internally.

Because this feed is public by nature, it is managed separately from API keys. In your project settings you can:

  • Enable or disable the public ACP feed
  • Copy the feed URL
  • Quickly turn it off if you no longer want your catalog exposed via that mechanism

This distinction is important:

  • API keys are for controlled, authenticated integrations (your systems and your partners).
  • Public ACP feed is for protocol-based catalog publishing where the consumer should not need your private credentials.

A simple operating model

If you want a clean and secure setup, this model works well:

  • Create one read-write key for your catalog sync pipeline.
  • Create one read-only key for internal analytics or third-party querying.
  • Enable the public ACP feed only if your distribution strategy explicitly includes ACP ingestion by external agent platforms.
  • Suspend and rotate keys when ownership changes, a service is retired, or usage looks abnormal.

This keeps access predictable and makes ventic.ai easy to operate as the product intelligence layer behind your agentic commerce strategy.

Previous Article Next Article
Limited Special Offer

The Agentic Commerce Market is Forming Now

This isn't a cosmetic change, it's a transformation of how commerce works. Don't wait until it's too late. Join us and build the agentic future together.

Request Special Offer

Latest Articles

GDSN. The Global Standard for Trusted Product Data and Why AI Agents Will Demand the Same.

Learn about the Global Data Synchronisation Network (GDSN) and why high-confidence product truth is becoming essential for agentic commerce.

How can I expose my products to AI agents?

Discover the strategies for distributing your products to AI agents, including public feeds and real-time APIs.

How can I prepare my products in ventic.ai?

Learn how to use ventic.ai as a product intelligence workspace to ingest, enrich, and prepare your catalog for agentic experiences.

Publishing via ACP or UCP vs exposing an agent API for product Q&A.

Understand the differences between feed-first distribution (ACP/UCP) and query-first interaction models (Agent APIs) for your product data.