Skip to main content
API keys authenticate your requests to the Screenshotly API. Manage them from the API settings page in your dashboard.

Generating a new key

  1. Go to API settings
  2. Click Generate new API key
  3. Give the key a descriptive name (e.g., “Production server”, “Staging”)
  4. Copy the key immediately
The full API key is only shown once. Copy it and store it securely. If you lose it, you’ll need to generate a new one.

Using your key

Include it in the X-API-Key header: 
curl -X POST https://api.screenshotly.dev/v1/capture \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com"}'
Or pass it as a query parameter: 
curl "https://api.screenshotly.dev/v1/capture?url=https://example.com&api_key=YOUR_API_KEY" \
  --output screenshot.png
Or pass it to the JavaScript SDK constructor: 
const client = new Screenshotly(process.env.SCREENSHOTLY_API_KEY);
See authentication for full details.

Revoking a key

  1. Go to API settings
  2. Find the key you want to revoke
  3. Click Revoke
  4. Confirm the action
Once revoked, the key immediately stops working. Any requests using the revoked key will receive a 401 response with error code invalid_api_key.

Best practices

  • Use environment variables — never hardcode API keys in source files
  • Separate keys per environment — use different keys for development, staging, and production
  • Name keys descriptively — so you know which key is used where
  • Revoke unused keys — remove keys that are no longer in use
  • Rotate keys periodically — generate new keys and phase out old ones
  • Never commit keys — add .env to your .gitignore file
# .env
SCREENSHOTLY_API_KEY=your-api-key-here

# .gitignore
.env