All API requests require authentication using a Bearer token in the Authorization header.
Getting Your API Key
- Sign in to your Snapopa Dashboard
- Navigate to API Keys
- Click Create New Key
- Copy and securely store your API key
API keys are shown only once when created. Store them securely and never commit them to version control.
Using Your API Key
Include the API key in the Authorization header of every request:
curl -X POST https://api.snapopa.com/capture \
-H "Authorization: Bearer sk_live_abc123..." \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com"}'
| Prefix | Environment | Example |
|---|
sk_live_ | Production | sk_live_abc123def456... |
sk_test_ | Testing | sk_test_xyz789... |
Security Best Practices
- Never expose keys in client-side code - API calls should be made from your backend
- Use environment variables - Store keys in
.env files, not in code
- Rotate keys regularly - Generate new keys periodically
- Set key expiration - Use expiring keys when possible
- Monitor usage - Check your dashboard for unusual activity
Environment Variables
# .env
SNAPOPA_API_KEY=sk_live_your_api_key_here
// Use in your application
const apiKey = process.env.SNAPOPA_API_KEY;
Error Responses
| Status | Error | Description |
|---|
| 401 | Unauthorized | Missing or invalid API key |
| 401 | API key expired | The API key has expired |
| 403 | Forbidden | Key doesn’t have required permissions |
{
"success": false,
"error": {
"code": "UNAUTHORIZED",
"message": "Invalid or missing API key"
},
"data": null
}
