Authentication

You'll need to authenticate your requests to access the Screenshot API endpoints. The API uses API key authentication to secure access to screenshot generation features.

API Key Authentication

The Screenshot API uses API key authentication for all protected endpoints. Your API key must be included with every request to authenticate and authorize access to the service.

Including your API key

You can provide your API key in several ways:

In request headers (recommended):

curl https://api.webcapture.ai/screenshot \
  -H "x-api-key: your_api_key_here" \
  -H "Content-Type: application/json"

curl https://api.webcapture.ai/screenshot \
  -H "api-key: your_api_key_here" \
  -H "Content-Type: application/json"

As query parameters:

curl https://api.webcapture.ai/screenshot?api_key=your_api_key_here \
  -H "Content-Type: application/json"

curl https://api.webcapture.ai/screenshot?apiKey=your_api_key_here \
  -H "Content-Type: application/json"

Security Best Practices

Always keep your API key secure and follow these best practices:

• Never commit your API key to version control - Use environment variables or secure configuration files
• Use HTTPS only - API keys should never be transmitted over unencrypted connections
• Rotate keys regularly - Generate new API keys periodically and invalidate old ones
• Restrict key permissions - Use the minimum required permissions for your use case

Error Responses

When authentication fails, the API returns standard HTTP error codes:

{
  "status": 401,
  "error": "ApiKeyRequired",
  "message": "API key is required"
}

{
  "status": 401,
  "error": "InvalidApiKey", 
  "message": "Invalid API key"
}

{
  "status": 403,
  "error": "InsufficientPermissions",
  "message": "API key does not have the required permissions"
}

Public Endpoints

Some endpoints are available without authentication:

• GET /screenshot/devices - List available device emulation options

All other endpoints require a valid API key for access.