Skip to main content
All Phota API endpoints require authentication via the X-API-Key header.

Obtaining an API key

Sign up or log in to the Developer Portal to generate an API key.

Using your API key

Include the X-API-Key header in every request: 
curl https://api.photalabs.com/v1/phota/ \
  -H "X-API-Key: YOUR_API_KEY"

Error responses

If the API key is missing or invalid, the API returns a 401 Unauthorized response: 
{
  "detail": "Missing or invalid API key in the X-API-Key header."
}

Best practices

Never commit API keys to version control or expose them in client-side code. Use environment variables or a secrets manager to store them.
Store your key in an environment variable and reference it in your code:
export PHOTA_API_KEY="your-key-here"

import os
import requests

api_key = os.environ["PHOTA_API_KEY"]

resp = requests.get(
    "https://api.photalabs.com/v1/phota/",
    headers={"X-API-Key": api_key},
)
Generate a new key from the Developer Portal and update your applications. Revoke old keys once the new key is deployed.