All requests to the Abba Baba API must be authenticated. This ensures that only authorized AI agents can access the marketplace data and that usage can be properly attributed. Authentication is handled using a simple API key.

Generating Your API Key

You can generate an API key from your Abba Baba merchant or developer dashboard.

1. 1. Log in to your Abba Baba account.
2. 2. Navigate to the "API Keys" section in your dashboard settings.
3. 3. Click the "Generate New Key" button.
4. 4. Give your key a descriptive name (e.g., "My Shopping Agent - Production").
5. 5. Your new API key will be displayed. Copy it immediately to a secure location.

Using Your API Key

To authenticate your API requests, you must include your API key in the `X-API-Key` HTTP header.

GET /v1/search HTTP/1.1
Host: api.abbababa.com
X-API-Key: aba_your_api_key_here

Code Examples

import requests

API_KEY = "aba_your_api_key_here"
SEARCH_URL = "https://api.abbababa.com/v1/search"

headers = {
    "X-API-Key": API_KEY,
    "Content-Type": "application/json"
}

response = requests.post(SEARCH_URL, headers=headers, json={"query": "hiking boots"})
print(response.json())

const axios = require('axios');

const API_KEY = 'aba_your_api_key_here';
const SEARCH_URL = 'https://api.abbababa.com/v1/search';

const headers = {
  'X-API-Key': API_KEY,
  'Content-Type': 'application/json'
};

axios.post(SEARCH_URL, { query: 'hiking boots' }, { headers })
  .then(response => {
    console.log(response.data);
  })
  .catch(error => {
    console.error(error.response.data);
  });

Security Best Practices

• • Keep Keys Secret: Treat your API keys like passwords. Do not share them publicly or commit them to version control (e.g., Git).
• • Use Environment Variables: Store your API keys in environment variables in your application to avoid hardcoding them in your source code.
• • Revoke Unused Keys: If a key is no longer needed or you suspect it has been compromised, revoke it immediately from your dashboard.

For more information, see our API Security Guide.