Managing keys

Create and revoke API keys in the developer console, the Bearer/Key/X-Api-Key auth schemes, and access scopes.

API keys are created and revoked in the clipia.ai developer console (the /developer section, "API keys" tab). The full key is shown once at creation — save it immediately. The key is sent on every request using one of three schemes (Bearer, Key, or X-Api-Key) and is bound to access scopes.

Creating and revoking

Open the developer console — the /developer section, "API keys" tab.
Create a key; set a name and the environment (live clipia_live_… or sandbox clipia_test_…).
Copy the full key from the response — it is shown only once.
To disable a key, click "Revoke" — revocation takes effect immediately.

The key is a server-side secret

Never put the key in a browser, mobile app, or public repository. If a key is compromised, revoke it immediately in the developer console and create a new one.

Authentication schemes

Send the key in one of three ways — pick whichever is convenient:

Authorization: Bearer clipia_live_xxxxxxxxxxxxxxxxxxxxxx

Authorization: Key clipia_live_xxxxxxxxxxxxxxxxxxxxxx

X-Api-Key: clipia_live_xxxxxxxxxxxxxxxxxxxxxx

When using Authorization, send the full string, including the scheme prefix (Bearer or Key ) and the space.

Access scopes

A key carries scope restrictions. The allowed values are exactly generate and read; by default a key gets both (["generate", "read"]).

Prop

Type

Creating generations requires the generate scope.
Reading the status and result of your own generation, the model catalog (GET /v1/models), and the balance (GET /v1/account) are available to any valid key — no scope required.
A request without the required scope returns 403 insufficient_scope.

Sandbox for debugging

A key with the clipia_test_… prefix runs in test mode: the request never reaches a real generation, no credits are charged, and submit returns a deterministic sample result immediately. When your integration is ready, swap the key for clipia_live_… — no code changes needed.

Managing keys

Create and revoke API keys in the developer console, the Bearer/Key/X-Api-Key auth schemes, and access scopes.

Creating and revoking

Open the developer console — the /developer section, "API keys" tab.
Create a key; set a name and the environment (live clipia_live_… or sandbox clipia_test_…).
Copy the full key from the response — it is shown only once.
To disable a key, click "Revoke" — revocation takes effect immediately.

The key is a server-side secret

Never put the key in a browser, mobile app, or public repository. If a key is compromised, revoke it immediately in the developer console and create a new one.

Authentication schemes

Send the key in one of three ways — pick whichever is convenient:

Authorization: Bearer clipia_live_xxxxxxxxxxxxxxxxxxxxxx

Authorization: Key clipia_live_xxxxxxxxxxxxxxxxxxxxxx

X-Api-Key: clipia_live_xxxxxxxxxxxxxxxxxxxxxx

When using Authorization, send the full string, including the scheme prefix (Bearer or Key ) and the space.

Access scopes

A key carries scope restrictions. The allowed values are exactly generate and read; by default a key gets both (["generate", "read"]).

Prop

Type

Creating generations requires the generate scope.
Reading the status and result of your own generation, the model catalog (GET /v1/models), and the balance (GET /v1/account) are available to any valid key — no scope required.
A request without the required scope returns 403 insufficient_scope.

Sandbox for debugging

Managing keys

Creating and revoking

Authentication schemes

Access scopes

On this page

Managing keys

Creating and revoking

Authentication schemes

Access scopes

On this page