Authentication
Learn how to authenticate your API requests.
Authentication
All API requests must be authenticated using an API key.
API Keys
API keys are used to authenticate your requests. You can create multiple keys to separate different environments (development, production) or applications.
Creating an API Key
- Log in to your dashboard
- Navigate to API Keys
- Click "Create New Key"
- Give your key a descriptive name
- Copy the key immediately - it will only be shown once!
Key Format
API keys follow this format:
sk_live_a1b2c3d4e5f6g7h8i9j0...
sk_- Indicates this is a secret keylive_- Indicates this is a production key- The rest is a unique identifier
Using Your API Key
Include your API key in the Authorization header of every request:
curl -X POST https://api.pdfapi.dev/v1/pdf/markdown \
-H "Authorization: Bearer sk_live_your_key_here" \
-H "Content-Type: application/json" \
-d '{"markdown": "# Hello"}'
Security Best Practices
Do:
- Store API keys in environment variables
- Use different keys for development and production
- Rotate keys periodically
- Delete unused keys
Don't:
- Commit API keys to version control
- Expose keys in client-side code
- Share keys between team members
- Log full API keys
Rate Limits
API keys are subject to rate limits based on your plan:
| Plan | Requests/Minute | Monthly PDFs |
|---|---|---|
| Free | 3 | 10 |
| Pro | 30 | 3,000 |
| Business | 60 | 15,000 |
| Enterprise | 120 | Unlimited |
When you exceed the rate limit, the API returns a 429 Too Many Requests response.
Error Responses
Invalid or Missing Key
{
"error": {
"code": "UNAUTHORIZED",
"message": "Missing Authorization header"
}
}
Rate Limit Exceeded
{
"error": {
"code": "RATE_LIMIT_EXCEEDED",
"message": "Too many requests",
"details": {
"limit": 3,
"window": "1 minute",
"retry_after": 45
}
}
}