Guides

Authentication

How to authenticate with the ByteKit API using API keys.

ByteKit authenticates requests with Bearer API keys. Every request to a capture or data endpoint must include an Authorization header.

API key format

Keys are prefixed sk_live_ so they are easy to identify in logs and config. Treat the full value as a secret.

Sending the Bearer header

Include the key in every request:

curl -X POST https://api.bytekit.com/v1/scrape \
  -H "Authorization: Bearer sk_live_YOUR_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com"}'

The key is stored as a SHA-256 hash on the server. The plaintext value is only ever visible once — at creation time.

Managing API keys

Create, rename, and revoke API keys from the dashboard. Each account can hold up to 50 active keys, with per-key billing attribution so you can split usage cleanly across services.

The plaintext key is shown once, at creation time — copy it immediately and store it as a secret. Revoke a key from the dashboard to free a slot; revoked keys do not count toward the limit.

Next steps