Appearance
Authentication
ArtAPI uses API keys for authentication. All requests must include a valid key.
Bearer Token
Pass your API key in the Authorization header on every request:
Authorization: Bearer YOUR_API_KEYExample
bash
curl https://app.artapi.ai/v1/images/generations \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{ "model": "flux-dev", "prompt": "..." }'Getting an API Key
- Log in to app.artapi.ai
- Navigate to Settings → API Keys
- Click Create new key
- Copy the key immediately — it is shown only once
Security Best Practices
Never expose keys in public code
- Do not commit keys to version control
- Do not include keys in client-side JavaScript
- Use environment variables:
ARTAPI_KEY=sk-...
- Rotate regularly — create a new key and revoke the old one periodically
- Use separate keys per environment — one for production, one for staging/dev
- Monitor usage — check the dashboard for unexpected activity
Error Responses
An invalid or missing key returns:
json
{
"error": {
"message": "Invalid API key",
"type": "authentication_error",
"code": "invalid_api_key"
}
}HTTP status: 401 Unauthorized
See Errors for a full list of error codes.