Authentication
All API requests require an API key for authentication. Your API key is available in the dashboard after signing up.
Sending Your API Key
Include your API key in the Authorizationheader of every request. Send the raw key directly — do notuse a "Bearer" prefix.
curl -X POST https://api.journeyapi.com/api/v1/imagine \
-H "Authorization: japi_live_abc123def456" \
-H "Content-Type: application/json" \
-d '{"prompt": "hello world"}'Required Headers
| Header | Value | Required |
|---|---|---|
| Authorization | Your raw API key (no "Bearer" prefix) | Required |
| Content-Type | application/json | Required |
Invalid API Key
If your API key is missing, malformed, or revoked, the API returns a 401 status with an empty JSON body.
HTTP/1.1 401 Unauthorized
Content-Type: application/json
{}Security Best Practices
- 1. Never expose your API key in client-side code or public repositories.
- 2. Store keys in environment variables or a secrets manager.
- 3. Rotate keys immediately if you suspect they've been compromised.
- 4. Use separate API keys for development and production.