Authentication

Learn how to authenticate with the INK API and manage your API keys securely.

Overview

INK uses API keys to authenticate requests. You can create and manage API keys from your account dashboard.

Getting Your API Key

1. Log in to your INK Dashboard
2. Navigate to Account Settings
3. Click on API Keys
4. Generate a new key or copy an existing one

Important: Keep your API keys secret. Never expose them in client-side code or public repositories.

Using Your API Key

Include your API key in the Authorization header of all requests:

curl https://api.inkai.ph/v1/generate \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"prompt": "Your prompt here"}'

OAuth 2.0 Authentication

For user-facing applications, INK supports OAuth 2.0 authentication:

Authorization Flow

1. Redirect users to the authorization endpoint
2. User grants permission to your application
3. Receive an authorization code
4. Exchange the code for access tokens

Token Endpoints

| Endpoint | Description | |----------|-------------| | /oauth/authorize | Authorization endpoint | | /oauth/token | Token exchange endpoint | | /oauth/revoke | Token revocation endpoint |

Best Practices

• Rotate keys regularly - Generate new keys periodically
• Use environment variables - Never hardcode keys in source code
• Limit key permissions - Create keys with minimal required access
• Monitor usage - Check your dashboard for unusual activity

Troubleshooting

Invalid API Key

If you receive a 401 Unauthorized error:

• Verify the key is correctly copied
• Check if the key has been revoked
• Ensure proper header formatting

Rate Limited

If you receive a 429 Too Many Requests error:

• Review your rate limits
• Implement exponential backoff
• Consider upgrading your plan