Authentication

How to authenticate with the Picture Optimizer API.

API Key Authentication

All API requests must include a valid API key in the X-API-Key header.

curl -H "X-API-Key: sk-your-key-here" \
     https://your-api-domain.com/image-forge-api/v1/credits/balance

Obtaining an API Key

  1. Log in to your SerpTransformer dashboard
  2. Navigate to Settings → API Keys
  3. Click Generate New Key
  4. Copy the key immediately — it is only shown once

See API Keys for full details on key management.

Authentication Flow

Client Request
    │
    ▼
┌─────────────────────────┐
│  Flask API Gateway      │
│                         │
│  1. Read X-API-Key      │
│  2. Validate key exists │
│  3. Forward to SaaS     │
│     with X-API-Key      │
└────────────┬────────────┘
             │
             ▼
┌─────────────────────────┐
│  SaaS Platform          │
│                         │
│  1. Hash the key        │
│  2. Match against DB    │
│  3. Resolve user ID     │
│  4. Process request     │
└─────────────────────────┘

Error Responses

Status CodeMeaningExample Response
401Missing or invalid API key{ "error": "Invalid API key" }
402Insufficient credits{ "error": "Insufficient credits. You have 0 but need 5." }
403Key is deactivated{ "error": "API key is inactive" }

Rate Limiting

The API does not currently enforce rate limits per key, but excessive usage may be throttled. Process images in reasonable batch sizes (under 100 per request).

Base URL

All API endpoints are prefixed with your API gateway URL:

https://your-domain.com/image-forge-api/v1/

The WordPress plugin constructs this from the API URL setting. For direct API usage, use the same base URL.

CDN Integration
Using action hooks to integrate Picture Optimizer with CDN and caching systems.
Credits API
Endpoints for checking credit balance and validating credit availability.