Managing access & security

This page covers how to see what’s connected, how to cut access off, and the security guarantees behind AI / Agent access.

  • Seeing what’s connected
  • Revoking access
  • The security model
  • Who can use it

Seeing what’s connected

The LLM / Agent Access page has two lists:

  • Active keys — every API key (lstk_…) used by desktop and CLI clients, with its label, scope, who created it, and when.
  • Connected apps — every web-chat connection (claude.ai / ChatGPT), with the app name, who approved it, when, and the scope.

Revoking access

Both lists have a trash icon on each row.

  • Revoke a key — the key stops working on its next request. The row is shown struck through and marked revoked.
  • Revoke a connected app — the connection is torn down immediately; the app can no longer read your data and cannot silently reconnect.

Revoke access whenever a device is lost, a teammate leaves, or you simply no longer use a connection.

The security model

AI / Agent access is built to be safe to hand to an outside assistant:

  • Read-only by default. A connection can only change data if you explicitly granted it write scope — chosen when you create an API key or generate a web-chat connection code. Write access covers exactly the surfaces described in Operating purchase orders and Operating transfers, stock takes & returns; read-only connections can’t see or use any of it.
  • Scoped to one store. Every key and connection is pinned to your single store. An assistant can never reach another merchant’s data.
  • Keys shown once. The plaintext key is displayed only at creation and never stored, so it can’t leak from Logistified later.
  • Sandboxed execution. When your assistant runs a program (run), it executes in an isolated sandbox with no access to anything beyond the data described in What the assistant can read. It can’t reach the internet, your secrets, or the wider system.
  • Revocable. Any key or connection can be cut off at any time, and revocation takes effect on the next request.
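
The following is an added example, not Logistified's code: one way a service can enforce the guarantees above on every request. Only the lstk_ prefix comes from this page; the KeyStore class, its method names, the SHA-256 digest storage and the store IDs are assumptions for illustration.

```python
import hashlib
import secrets
from dataclasses import dataclass

PREFIX = "lstk_"  # key prefix from the page; everything else here is assumed


@dataclass
class KeyRecord:
    digest: str           # SHA-256 of the key; the plaintext is never kept
    store_id: str         # the single store this key is pinned to
    scope: str = "read"   # read-only unless write was explicitly granted
    revoked: bool = False


class KeyStore:
    def __init__(self):
        self._by_digest = {}

    @staticmethod
    def digest(key):
        # A fast hash is acceptable because the key is 256 bits of randomness,
        # not a human-chosen password.
        return hashlib.sha256(key.encode()).hexdigest()

    def create(self, store_id, scope="read"):
        if scope not in ("read", "write"):
            raise ValueError("unknown scope")
        key = PREFIX + secrets.token_urlsafe(32)
        record = KeyRecord(self.digest(key), store_id, scope)
        self._by_digest[record.digest] = record
        return key  # shown once to the caller; only the digest is stored

    def revoke(self, digest):
        # The key list identifies a row by its stored digest, not the plaintext.
        record = self._by_digest.get(digest)
        if record is not None:
            record.revoked = True  # row is kept so it can be shown as revoked

    def authorize(self, key, store_id, action):
        """Run on every request, so a revocation applies to the next one."""
        if not key.startswith(PREFIX):
            return False
        record = self._by_digest.get(self.digest(key))
        if record is None or record.revoked:
            return False
        if record.store_id != store_id:  # never reach another merchant's data
            return False
        return action == "read" or (action == "write" and record.scope == "write")
```
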

Who can use it

AI / Agent access is available on any plan — there’s no plan requirement. It’s in open beta and enabled for every store: open the Agent Access page to create API keys, generate web-chat connection codes, and revoke them at any time. No request or approval is needed.