IndexNow API Key Generator
Generate a cryptographically secure IndexNow API key and download your verification .txt file in one click. No account required.
IndexNow API Key Generator
Cryptographically secure · 32-character hex · Instant download
What Is an IndexNow API Key?
An IndexNow API key is a unique alphanumeric string that authenticates your URL submissions to the IndexNow protocol. It proves to Bing, Yandex, and other participating search engines that you are the legitimate owner of the domain you are submitting URLs for.
The key works in conjunction with a verification file: you upload a plain .txt file (named after your key) to your domain root. When Bing receives a URL submission using your key, it fetches that file to confirm the key matches and that you control the domain. Without a valid, accessible key file, all IndexNow submissions for your domain will fail with a 403 Forbidden error.
IndexNow keys are domain-specific you need a separate key and verification file for each website you manage.
How to Get Your IndexNow API Key Step-by-Step
Generate Your Key
Click the "Generate New Key" button above. The tool uses the Web Crypto API to generate a cryptographically random 32-character hexadecimal string the same standard used for secure token generation.
Download the Key File
Click "Download .txt File" to save the verification file. The file name is your key string followed by .txt (e.g., a3f7b2c91d4e5f68a3f7b2c91d4e5f68.txt) and the file content is the key string itself.
Upload to Your Domain Root
Upload the .txt file to the public root directory of your website. It must be accessible at: https://yourdomain.com/your-key.txt not a subdirectory. Verify by opening the URL in a browser; you should see only the key string.
Verify the File is Accessible
Open https://yourdomain.com/your-key.txt in an incognito browser window. You should see exactly your key string and nothing else. Any extra characters, HTML wrappers, or redirects will cause 403 errors on submission.
Submit Your First URL
Use our URL Submitter tool or make a direct GET request to the IndexNow API. You're now ready to notify Bing of new and updated pages within minutes of publishing.
IndexNow API Key Security Best Practices
Use a Strong Random Key
Our generator produces a 32-character cryptographically random hex string. Never use predictable strings, your domain name, or short keys.
Keep the Key Private
Do not embed your API key in public GitHub repositories, client-side JavaScript, or shared configuration files. Treat it like an API password.
Verify Monthly
Run a monthly check to confirm your key file is still accessible and returns exactly the key string. Plugin updates or server migrations can break file hosting.
Rotate if Compromised
If you suspect your key was exposed, generate a new one, update the key file, and update your submission scripts. Old keys can be replaced without losing indexing history.