1. API Access and Authentication
- Access to the Covala API requires a valid API Key, obtained by registering at covala.com.
- API Keys must be included in the
X-API-Key header of every request. - API Keys are scoped to a single project. Do not share keys across unrelated applications.
- Keep your API Keys confidential. Do not embed them in client-side code, public repositories, or mobile applications where they could be extracted.
- If you believe an API Key has been compromised, revoke it immediately through your dashboard and notify security@covala.com.
2. Rate Limits
Each subscription tier has defined rate limits: a per-minute burst limit (protects infrastructure) and a monthly quota (aligned with billing). Exceeding either limit will result in HTTP 429 responses.
| Tier | Price | Requests/Minute | Requests/Month |
|---|
| Free | $0 | 10 | 5,000 |
| Starter | $29/mo | 60 | 50,000 |
| Pro | $99/mo | 300 | 500,000 |
| Enterprise | Custom | 1,000 | 5,000,000 |
Rate limit headers are included in every API response: X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset. Implement exponential backoff when receiving 429 responses. Do not retry in tight loops.
3. Permitted Uses
You may use the API and Product Data to:
- Integrate product information into your own applications, websites, or internal tools.
- Enrich your internal product catalogs with specifications, pricing, and availability data.
- Power search, comparison, recommendation, or shopping features in your applications.
- Build AI-powered applications that use product data as context via the MCP server or API.
- Display product information to your end users, provided you comply with attribution requirements (Section 6).
4. Prohibited Uses
You may not:
- Resell, redistribute, or sublicense raw API responses or bulk Product Data as a data service, data feed, or API.
- Build a product catalog, database, or data service that directly competes with Covala using data obtained through the API.
- Systematically download, scrape, or cache the entire Product Data catalog or substantial portions thereof.
- Use Product Data to train machine learning models for the purpose of creating a competing data extraction or product intelligence service, without separate written agreement.
- Use Product Data for price manipulation, anti-competitive practices, deceptive advertising, or any unlawful purpose.
- Display stale pricing data as current pricing in a way that could mislead consumers.
- Imply endorsement by, affiliation with, or sponsorship by any retailer or manufacturer whose data appears in API responses.
- Circumvent, disable, or interfere with rate limits, access controls, or other security features.
- Conduct load testing, stress testing, or penetration testing against the API without prior written approval.
- Use the API in a manner that degrades service quality for other customers.
5. Data Freshness and Caching
Product Data represents point-in-time snapshots of publicly available retailer information. It may not reflect current pricing or availability.
- Pricing data: You may cache for up to 24 hours. After 24 hours, you must re-fetch or stop displaying the price.
- Product specifications: You may cache for up to 7 days.
- Product relationships: You may cache for up to 7 days.
- Knowledge data (error codes, maintenance): You may cache for up to 30 days.
When displaying cached data, clearly indicate when the data was last refreshed if the cache age exceeds the limits above.
6. Attribution
- Free tier: You must display “Powered by Covala” with a link to covala.com wherever Product Data is displayed to end users.
- Paid tiers: Attribution is appreciated but not required.
- All tiers: You must not misrepresent the source of Product Data or imply that it originates from your own data collection.
7. API Versioning and Deprecation
- The current API version is v2. All endpoints are prefixed with
/v2/. - When a new major version is released, the previous version will continue to be supported for at least 6 months.
- We will provide at least 90 days’ notice before deprecating any API version, via email and the API documentation.
- Non-breaking changes (new fields, new endpoints) may be added to the current version without notice. Your client should handle unknown fields gracefully.
8. Availability and SLA
We target 99.9% monthly uptime for the Covala API. However, we do not guarantee uninterrupted or error-free service. Planned maintenance windows will be announced at least 48 hours in advance. We are not liable for any downtime, data loss, or service interruption.
Enterprise customers may negotiate a formal Service Level Agreement (SLA) with defined uptime commitments and remedies. Contact enterprise@covala.com for details.
9. Retailer Data Takedown
If you are a retailer or manufacturer and believe that product data displayed through the Covala API should be removed, please contact legal@covala.com with details of the content in question. We will review and respond to all takedown requests within 10 business days.
10. Modifications
We may update these API Terms from time to time. We will notify API customers of material changes via email at least 30 days before they take effect. Non-material changes (clarifications, formatting) may be made without notice. Continued use of the API after changes constitutes acceptance.