Authentication

Authenticate every request with a secure Bearer API key.

API keys are generated in the user dashboard, stored as hashes server-side, and shown in full only once. Treat every key like a password.

Authorization header

Send Authorization: Bearer fpe_live_xxxxx on every /v1 request. Test keys can use the same header pattern when test mode is enabled.

Key storage

Store the key in a server-side secret manager or encrypted environment variable. Never embed a live key in browser JavaScript, mobile apps, public repositories, or customer-visible logs.

Allowed tools and origins

API plans and keys may restrict allowed tools and origins. A request can be rejected even when the key is valid if the selected tool is not enabled for API access.

Rotation and revocation

Use the dashboard to regenerate a compromised key or revoke a key that is no longer needed. Newly generated keys are shown only once.

curl -X GET https://fileza.ai/v1/account/usage \
  -H "Authorization: Bearer fpe_live_your_key_here"

Need help?

Include your request ID, endpoint, timestamp, and account email when contacting support. Never send raw API keys, provider secrets, OAuth tokens, or signed download URLs.

Contact API support