Token model
A token is a single-shop, single-purpose credential. It looks like abc_1lRrF_CdEOYbg6xCP6FFoiFnOcp05s8E.
One token per app
Mint a separate token for each integration: Claude Desktop, Claude Code, your team’s automation, etc. Revoking one doesn’t break the others.
Shop-scoped
A token you mint for Shop A can never access Shop B’s data — even if you own both.
No expiration by default
Tokens stay valid until you revoke them. There’s no automatic rotation. We may add expiration in a future update.
Revocable instantly
Settings → Claude / MCP Access → Revoke. Takes effect within one request — the next call from that token returns 401.
Treat tokens like passwords
If someone has your token, they can do anything you can do via MCP — create tests, modify rates, end experiments. The token is the only secret in the system.
What protects you by default
Even if a token leaks, several layers limit blast radius:
1. Per-shop feature flag. MCP is opt-in per shop. If your shop has the flag off, even a valid token can’t do anything.
2. Rate limit. 200 requests per minute per token, server-enforced. A leaked token can’t be used to hammer the API or run an unbounded loop.
3. Token kill switch. Revoke from Settings → Claude / MCP Access. Effective within one request. Don’t wait — the moment you suspect a token is compromised, kill it.
4. Resource overlap protection. Even with a leaked token, an attacker can’t launch a price test on a product that already has an active price test running. Same for shipping zones, themes, templates, and redirect URLs.
5. Backend audit trail. Every API call is logged with the token ID, timestamp, and outcome. Contact support if you need to investigate suspicious activity.
Auditing token usage
Today, the in-app audit view is read-only and shows:
- Token name + when it was created
- Last successful use timestamp
- Whether it’s currently active or revoked
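The two protections above that an integration can cooperate with are the 200 requests/minute per-token rate limit and the kill switch (a revoked token gets 401 within one request). Below is an added example, not ABConvert's code, of a small client-side guard that keeps the token out of source files, paces calls below the documented ceiling, and treats 401 as "revoked, stop and mint a new token" instead of retrying. The environment variable name and the `send` callable that performs the HTTP request are assumptions; the HTTP layer is left out so the block runs offline.

```python
"""Client-side token hygiene for an MCP integration (added example, not
ABConvert's code). Assumes: token lives in the ABCONVERT_MCP_TOKEN env var
(name is an assumption); `send(token, payload)` performs the real request and
returns an HTTP status code (stubbed here)."""
import os
import time
from collections import deque

RATE_LIMIT_PER_MINUTE = 200   # documented server-side ceiling per token
WINDOW_SECONDS = 60.0


class TokenRevoked(Exception):
    """Raised on 401: the token was revoked. Do not retry; revoke + mint a new one."""


class RateLimiter:
    """Sliding-window limiter: at most `limit` calls in any `window` seconds.
    Staying under the server ceiling locally keeps a runaway loop from
    burning the whole budget (and from looking like abuse in the audit trail)."""

    def __init__(self, limit=RATE_LIMIT_PER_MINUTE, window=WINDOW_SECONDS,
                 clock=time.monotonic):
        self.limit = limit
        self.window = window
        self.clock = clock          # injectable for testing
        self.calls = deque()        # timestamps of calls inside the window

    def wait_time(self):
        """Seconds to wait before the next call is allowed (0.0 if allowed now)."""
        now = self.clock()
        while self.calls and now - self.calls[0] >= self.window:
            self.calls.popleft()    # drop calls that fell out of the window
        if len(self.calls) < self.limit:
            return 0.0
        return self.window - (now - self.calls[0])

    def record(self):
        self.calls.append(self.clock())


def load_token(env_var="ABCONVERT_MCP_TOKEN"):
    """Read the token from the environment; never hard-code it in a script."""
    token = os.environ.get(env_var)
    if not token:
        raise RuntimeError(f"{env_var} is not set")
    return token


def redact(token):
    """Log-safe form: prefix plus last 4 characters, never the whole secret."""
    return token[:4] + "..." + token[-4:] if len(token) > 8 else "***"


def call_mcp(send, token, payload, limiter, sleep=time.sleep):
    """Send one request via `send(token, payload) -> status`, paced by `limiter`.
    401 means the token was revoked (effective within one request), so stop."""
    delay = limiter.wait_time()
    if delay > 0:
        sleep(delay)
    limiter.record()
    status = send(token, payload)
    if status == 401:
        raise TokenRevoked(
            f"token {redact(token)} rejected with 401; revoke and mint a new one")
    return status


if __name__ == "__main__":
    # Constructed demo: a fake transport that always accepts the request.
    demo_limiter = RateLimiter()
    print(call_mcp(lambda tok, body: 200, "abc_demo_token_value", {"op": "list"},
                   demo_limiter))
```

The page does not say which status the server returns once the rate limit is hit, so the limiter is purely client-side and does not try to interpret any throttling response; it only guarantees the integration never asks for more than 200 calls in a rolling minute.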
When to rotate
Rotate (revoke + mint a new one) when:
- A team member leaves
- You change laptops
- You suspect any leakage (committed to git by accident, pasted in a public chat, lost a device)
- Quarterly as part of a routine audit — minimal effort, maximum hygiene
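"Committed to git by accident" is the leak that is easiest to catch before it happens. The following is an added example, not ABConvert's code, of a pre-commit style scanner that flags token-shaped strings in staged files. The pattern is an assumption derived from the single sample shown on this page (an abc_ prefix followed by 32 characters from A-Z, a-z, 0-9 and underscore); adjust it if your tokens are shaped differently.

```python
"""Pre-commit scanner for ABConvert-shaped tokens (added example, not
ABConvert's code). Wire it up as .git/hooks/pre-commit; a non-zero exit
blocks the commit. The token regex is an assumption based on the one
documented sample."""
import re
import subprocess
import sys

# Assumed token shape, from the documented sample
# abc_1lRrF_CdEOYbg6xCP6FFoiFnOcp05s8E: "abc_" + 32 chars of [A-Za-z0-9_].
TOKEN_RE = re.compile(r"\babc_[A-Za-z0-9_]{32}\b")


def find_tokens(text, filename="<stdin>"):
    """Return (filename, line_no, redacted_match) for each token-shaped string.
    Only a redacted form is returned so the hook's own output never leaks it."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for match in TOKEN_RE.finditer(line):
            tok = match.group(0)
            hits.append((filename, line_no, tok[:4] + "..." + tok[-4:]))
    return hits


def staged_files():
    """Paths staged for commit (added, copied or modified), from git."""
    out = subprocess.run(
        ["git", "diff", "--cached", "--name-only", "--diff-filter=ACM"],
        capture_output=True, text=True, check=True,
    ).stdout
    return [p for p in out.splitlines() if p]


def main():
    hits = []
    for path in staged_files():
        try:
            with open(path, encoding="utf-8", errors="replace") as fh:
                hits.extend(find_tokens(fh.read(), path))
        except OSError:
            continue   # deleted or unreadable path; nothing to scan
    for path, line_no, redacted in hits:
        print(f"{path}:{line_no}: token-shaped string {redacted}; "
              "move it to an environment variable", file=sys.stderr)
    if hits:
        print("If this token is real, revoke it now: Settings → Claude / MCP Access.",
              file=sys.stderr)
    return 1 if hits else 0


if __name__ == "__main__":
    sys.exit(main())
```

A blocked commit is still a rotate trigger if the string was a live token: the file was on disk and in the index, so treat it as leaked and revoke + mint rather than just removing the line.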
What’s NOT covered yet
These are on the roadmap:
- OAuth. Today, every integration requires you to mint and paste a token manually. OAuth would let an integration request access through a browser flow. Coming once we see merchant demand for sharing access without static tokens.
- Per-token scopes. Today, every token has full access. Future tokens will let you create read-only or scope-limited tokens for safer sharing.
- Per-IP allowlist. Lock a token to specific IP ranges (e.g. your office) for extra defense.
Reporting a suspected leak
If you think a token has been compromised:
- Revoke it immediately — Settings → Claude / MCP Access → Revoke. Don’t wait.
- Check the audit timestamps — was the token used recently from somewhere unexpected?
- Email [email protected] with the token’s name and approximate compromise window. We’ll pull server-side logs and confirm whether anything unusual happened.