Skip to main content
All Screenshotly API requests require authentication via an API key.

Getting your API key

  1. Sign in to your dashboard
  2. Navigate to API settings
  3. Copy your API key

Using your API key

Include your API key in the screenshotly-api-key header of every request: 
curl -X POST https://api.screenshotly.dev/api/v1/screenshots \
  -H "screenshotly-api-key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com"}'
The JavaScript SDK handles the header automatically — just pass your API key to the constructor.

Environment variables

Store your API key in an environment variable to avoid hardcoding it: 
export SCREENSHOTLY_API_KEY="your-api-key-here"
Then reference it in your code: 
const client = new Screenshotly(process.env.SCREENSHOTLY_API_KEY);

Authentication errors

If your API key is missing or invalid, the API returns a 401 Unauthorized response: 
{
  "error": "Unauthorized",
  "message": "Invalid or missing API key."
}

Security best practices

  • Never expose keys in client-side code — only use API keys in server-side applications
  • Don’t commit keys to version control — use .env files and add them to .gitignore
  • Use separate keys for environments — generate different keys for development, staging, and production
  • Rotate keys regularly — revoke old keys and generate new ones from the dashboard
  • Revoke compromised keys immediately — if a key is exposed, revoke it in API settings