The Wordsmith API uses API keys for authentication. All API requests must include a valid API key in the Authorization header.
Getting Your API Key
- Log in to your Wordsmith dashboard at app.wordsmith.ai
- Navigate to the API section in your account settings
- Generate a new API key
- Copy and store your API key securely
Keep your API key secure and never share it publicly. Treat it like a
password.
Using Your API Key
Include your API key in the Authorization header of every request using the Bearer token format:
Authorization: Bearer sk-ws-api1-your_api_key_here
Example Request
Here’s an example of making an authenticated request to get your user information:
curl -X GET "https://api.wordsmith.ai/api/v1/me" \
-H "Authorization: Bearer sk-ws-api1-your_api_key_here" \
-H "Content-Type: application/json"
- They start with the prefix
sk-ws-api1-
- Followed by a unique identifier
Example: sk-ws-api1-abc123def456ghi789
Error Responses
If authentication fails, you’ll receive one of the following error responses:
{
"error": "Missing Authorization header",
"status": 401
}
{
"error": "Invalid API key format",
"status": 401
}
Invalid API Key
{
"error": "Invalid API key",
"status": 401
}
Security Best Practices
- Store securely: Keep your API key in environment variables or secure configuration files
- Use HTTPS: Always make requests over HTTPS
- Rotate regularly: Periodically rotate your API keys
- Monitor usage: Keep track of your API usage to detect any unauthorized access
- Restrict access: Only use API keys in server-side applications, never in client-side code
Rate Limiting
API keys are subject to rate limits based on your subscription plan. When you exceed these limits, you’ll receive a 429 Too Many Requests response. 