Authentication
All API requests require an API key sent in the X-API-Key header.
- Header name:
X-API-Key - Scope: server-to-server only
- Base URL:
https://api.redactpdf.ai
Validate your key
Endpoint:
GET /v1/me
Example:
curl -sS -X GET "https://api.redactpdf.ai/v1/me" \
-H "X-API-Key: YOUR_API_KEY"
Example response:
{
"user_id": "user_123",
"email": "you@company.com"
}
Unauthorized response
{
"error": "Unauthorized",
"code": "unauthorized",
"request_id": "req_abc123"
}
Security recommendations
- Keep API keys in server environment variables.
- Use separate keys per environment (dev, staging, prod).
- Rotate keys on a schedule and immediately after suspected leaks.
- Never include API keys in browser JS, mobile apps, or public repos.