Skip to main content
To authenticate and access the API, you need to pass your API Key in the X-API-Key header with each request.

Overview

API authentication is token-based. You generate an API token using your email and password, then include that token in the X-API-Key header for all authenticated requests.

API Reference

For detailed information about authentication endpoints:
Please note that generated tokens will be expired after 1 year automatically. Once it is expired, please generate new token.

Token Security

⚠️ Best Practices:
  • Keep tokens secure - Never commit them to version control
  • Use environment variables - Store tokens in .env files
  • Rotate regularly - Generate new tokens periodically
  • Revoke compromised tokens - Delete immediately if exposed
  • Use different tokens - Separate tokens for different applications

Error Responses

Invalid or Missing API Key

{
  "code": "INVALID_API_KEY",
  "message": "Invalid API key"
}
HTTP Status: 401 Unauthorized

Expired Token

{
  "code": "TOKEN_EXPIRED",
  "message": "API token has expired. Please create a new token."
}
HTTP Status: 401 Unauthorized