Authentication - Snapopa

All API requests require authentication using a Bearer token in the Authorization header.

Getting Your API Key

Sign in to your Snapopa Dashboard
Navigate to API Keys
Click Create New Key
Copy and securely store your API key

API keys are shown only once when created. Store them securely and never commit them to version control.

Using Your API Key

Include the API key in the Authorization header of every request:

curl -X POST https://api.snapopa.com/capture \
  -H "Authorization: Bearer sk_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com"}'

API Key Format

API keys follow this format:

Prefix	Environment	Example
`sk_live_`	Production	`sk_live_abc123def456...`
`sk_test_`	Testing	`sk_test_xyz789...`

Security Best Practices

Never expose keys in client-side code - API calls should be made from your backend
Use environment variables - Store keys in .env files, not in code
Rotate keys regularly - Generate new keys periodically
Set key expiration - Use expiring keys when possible
Monitor usage - Check your dashboard for unusual activity

Environment Variables

# .env
SNAPOPA_API_KEY=sk_live_your_api_key_here

// Use in your application
const apiKey = process.env.SNAPOPA_API_KEY;

Error Responses

Status	Error	Description
401	`Unauthorized`	Missing or invalid API key
401	`API key expired`	The API key has expired
403	`Forbidden`	Key doesn’t have required permissions

{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key"
  },
  "data": null
}

Documentation Index

​Getting Your API Key

​Using Your API Key

​API Key Format

​Security Best Practices

​Environment Variables

​Error Responses

Getting Your API Key

Using Your API Key

API Key Format

Security Best Practices

Environment Variables

Error Responses