Authentication
Learn how to authenticate your API requests using your unique API token.
API Token
All API requests require authentication using a Bearer token. Your API token is generated automatically when you complete your first payment.
Create an account and purchase credits to get your API token.
Authorization Header (Recommended)
Include your API token in the Authorization header using the Bearer scheme:
Authorization: Bearer YOUR_API_TOKEN
Example Request
curl -X GET "http://localhost:8000/api/v1/posts/by-user/instagram/natgeo" \
-H "Authorization: Bearer sk_live_abc123xyz789..."
Alternative: X-API-Token Header
You can also use the X-API-Token header:
X-API-Token: YOUR_API_TOKEN
Example Request
curl -X GET "http://localhost:8000/api/v1/posts/by-hashtag/twitter/AI" \
-H "X-API-Token: sk_live_abc123xyz789..."
Authentication Errors
If authentication fails, the API will return one of the following errors:
| Error Code | HTTP Status | Description |
|---|---|---|
MISSING_API_TOKEN |
401 | No API token was provided in the request |
INVALID_API_TOKEN |
401 | The provided token is invalid or has been revoked |
ACCOUNT_INACTIVE |
403 | Your account has not been activated (complete payment first) |
Example Error Response
{
"success": false,
"error": {
"code": "INVALID_API_TOKEN",
"message": "The provided API token is invalid or has been revoked."
}
}
Token Security Best Practices
- ✓ Never expose your API token in client-side code or public repositories
- ✓ Store your token in environment variables, not in source code
- ✓ Make API calls from your backend server, not directly from browsers
- ✓ Regenerate your token immediately if you suspect it has been compromised
- ✓ Use HTTPS for all API requests
Managing Your Token
From your dashboard, you can:
- Regenerate - Create a new token (old token stops working immediately)
- Revoke - Disable your current token without generating a new one