Common URLs & Credentials

This page is the canonical reference for every URL and credential you'll need across the Evolve platform. Throughout the docs, <tenant> is your customer subdomain (the same value used in your Tenant Dashboard URL).

Tenant Dashboard

Your Tenant Dashboard is available at:

https://dashboard-<tenant>.evolvestorefront.com

Use the dashboard to:

• View and manage your API credentials (client_id, client_secret)
• Retrieve SFTP credentials for bulk image and data uploads
• Access per-product admin pages

API endpoints

All Evolve product APIs share a common tenant-specific origin.

Purpose	URL pattern
API origin	https://api-<tenant>.evolvestorefront.com
Access token endpoint	https://api-<tenant>.evolvestorefront.com/token
Image Engine base path	https://api-<tenant>.evolvestorefront.com/image-engine
Image Search base path	https://api-<tenant>.evolvestorefront.com/image-search
Image Optimization (served images)	https://images-<tenant>.evolvestorefront.com

For the full per-product API surface, see each product's API reference:

• Platform API
• Image Engine API
• Image Search API
• Image Optimization API

SFTP

Image Optimization and Image Search both accept bulk uploads via SFTP.

Setting	Value
Protocol	SFTP
Hostname	sftp.evolvestorefront.com
Port	22
Username / Password	Retrieve from your Tenant Dashboard

Find your API credentials

Product APIs authenticate with OAuth 2.0 client credentials. Retrieve them from the Tenant Dashboard:

1. Log into your Tenant Dashboard at https://dashboard-<tenant>.evolvestorefront.com.
2. Navigate to the API Authentication section of the appropriate product.
3. Copy your client_id and client_secret.

Obtain an access token

Every product API call requires a JWT Bearer token. Exchange your client_id and client_secret for a token by calling the token endpoint:

Get Token - Sample Request

curl -L -X POST 'https://api-<tenant>.evolvestorefront.com/token' \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -H 'Accept: application/json' \
    -d 'client_id=xxxxxxxxxxxxxxxxxxxxxxxxxx' \
    -d 'client_secret=xxxxxxxxxxxxxxxxxxxxxxxxxx'

Get Token - Sample Response

{
    "access_token": "xxxxxxxxxxxxxxxxxxxxxxxxxx",
    "expires_in": 3600,
    "token_type": "Bearer"
}

The access token is valid for one hour (expires_in: 3600) and can be reused for subsequent API calls until it expires. See the Generate access token API reference for the full contract.

warning

Treat client_secret like a password.

• Never commit credentials to source control.
• Never expose them to client-side code or browsers.
• Inject them only via environment variables or a secrets manager.
• Contact us immediately on suspected compromise to generate new keys.

See also

• Getting Started — first steps on the Evolve platform
• Image Optimization — Getting Started
• Image Search — Getting Started
• Image Engine — Getting Started
• Support — how to contact us