Authentication
Learn how to authenticate your API requests.
API Keys
The Promptomize API uses API keys for authentication. Include your key in theX-API-Keyheader with every request.
curl https://api.promptomize.app/api/v1/public/enhance \
-H "X-API-Key: pk_live_your_api_key" \
-H "Content-Type: application/json" \
-d '{"prompt": "Hello world", "modality": "text"}'Key Format
API keys follow this format:
- Production keys:
pk_live_prefix - Test keys:
pk_test_prefix
Test keys are useful for development without affecting your production quota.
Creating API Keys
- Go to the API Keys page
- Click "Create API Key"
- Choose a name and select permissions
- Copy your key immediately (it won't be shown again)
Permissions
Each API key has specific permissions:
| Permission | Description | Endpoints |
|---|---|---|
enhance | Use the enhance endpoint | POST /public/enhance |
read_history | Read enhancement history | GET /public/history |
models | List available options | GET /public/models |
Security Best Practices
Keep Your Keys Safe
- Never commit API keys to version control
- Use environment variables to store keys
- Don't expose keys in client-side code
- Rotate keys periodically
- Use separate keys for production and development
Environment Variables
# .env file (never commit this!)
PROMPTOMIZE_API_KEY=pk_live_your_api_key
# Use in your code
import os
api_key = os.environ.get("PROMPTOMIZE_API_KEY")Key Rotation
When you rotate a key, a new key is generated and the old key remains valid for 24 hours. This allows you to update your applications without downtime.
- Go to API Keys and click "Rotate" on the key
- Copy the new key immediately
- Update your applications within 24 hours
- The old key will automatically expire