Authentication
How to authenticate your requests to the Sticker Maker API.
The Sticker Maker API supports two primary methods of authentication: API Keys for programmatic access and Session Cookies for web integrations.
API Key Authentication (Recommended)
For most developers, API keys are the preferred way to authenticate requests. You can generate and manage your API keys in the Dashboard.
Using your API Key
Include your API key in the Authorization header of your requests as a Bearer token:
Authorization: Bearer sk_test_your_api_keySDK Initialization
When using our official SDKs, pass the API key during initialization:
import { StickerMakerClient } from "@sticker-maker/sdk";
const client = new StickerMakerClient({
apiKey: "sk_test_your_api_key",
});Keep your keys secret! API keys provide full access to your account and credit balance. Never share them or include them in client-side code that is visible to users.
Session Authentication
If you are building an integration directly into a web application that already uses our authentication system, you can use session cookies. This is primarily intended for our own webapp and internal tools.
Our API automatically detects valid session cookies if your request includes:
Credentials: includeSecurity Best Practices
- Rotate keys regularly: If you suspect a key has been compromised, revoke it immediately in the dashboard and generate a new one.
- Environment Variables: Always store your API keys in environment variables (e.g.,
.envfiles) and never commit them to version control. - Use separate keys for development: Create different keys for your local development and production environments to limit impact in case of a leak.
Troubleshooting
If you receive a 401 Unauthorized response:
- Check that your API key is correct and has not been revoked.
- Ensure the
Authorizationheader follows theBearer {token}format. - Verify that you are sending the request to the correct environment (production vs. development).