Authentication
How to authenticate with the ByteKit API using API keys.
ByteKit authenticates requests with Bearer API keys. Every request to a capture or data
endpoint must include an Authorization header.
API key format
Keys are prefixed sk_live_ so they are easy to identify in logs and config. Treat
the full value as a secret.
Sending the Bearer header
Include the key in every request:
curl -X POST https://api.bytekit.com/v1/scrape \
-H "Authorization: Bearer sk_live_YOUR_KEY_HERE" \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com"}'The key is stored as a SHA-256 hash on the server. The plaintext value is only ever visible once — at creation time.
Managing API keys
Create, rename, and revoke API keys from the dashboard. Each account can hold up to 50 active keys, with per-key billing attribution so you can split usage cleanly across services.
The plaintext key is shown once, at creation time — copy it immediately and store it as a secret. Revoke a key from the dashboard to free a slot; revoked keys do not count toward the limit.
Next steps
- Quickstart — make your first API call
- API Reference: Account — read your account, plan, and usage