Authentication

Name: shotone.io
Rating: 4.9 (127 reviews)
Author: shotone.io

All API requests require authentication using an API key.

API Key Header

Include your API key in the X-API-Key header with every request:

X-API-Key: sk_live_xxxxxxxxxxxxxxxxxxxxxxxx

Example Request

curl -X POST "https://api.shotone.io/screenshot" \
  -H "X-API-Key: sk_live_xxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com"}'

Getting Your API Key

Sign in to your dashboard
Navigate to API Keys
Click Create New Key
Copy and securely store your key

Note: API keys are only shown once when created. If you lose your key, you'll need to create a new one.

Security Best Practices

Never expose keys in client-side code — Always make API calls from your server
Use environment variables — Don't hardcode keys in your source code
Rotate keys regularly — Create new keys and revoke old ones periodically
Use separate keys per environment — Different keys for development and production

Authentication Errors

Status	Error	Description
`401`	missing API key	No X-API-Key header provided
`401`	invalid API key	The API key doesn't exist
`401`	API key has been revoked	The API key was deactivated