Skip to main content

API Key Authentication

ScriptBase uses API key authentication. All requests must include your API key in the request headers.

Getting Your API Key

1

Create an Account

Sign up at dashboard.scriptbase.app
2

Navigate to API Keys

Go to the API Keys section in your dashboard
3

Create a New Key

Click “Create API Key” and give it a descriptive name
4

Copy and Store Securely

Copy your API key immediately - it won’t be shown again. Store it securely.

Authentication Methods

ScriptBase supports two ways to pass your API key: Pass your API key using the X-API-Key header: 
curl "https://api.scriptbase.app/api/v1/videos/dQw4w9WgXcQ" \
  -H "X-API-Key: sk_your_key_here"

Method 2: Authorization Bearer Header

Alternatively, use the Authorization header with a Bearer token: 
curl "https://api.scriptbase.app/api/v1/videos/dQw4w9WgXcQ" \
  -H "Authorization: Bearer sk_your_key_here"

Security Best Practices

API keys should only be used in server-side code. Never include them in frontend JavaScript, mobile apps, or public repositories.
Store API keys in environment variables, not in your codebase:
export YT_API_KEY="sk_your_key_here"
Then reference them in your code:
const apiKey = process.env.YT_API_KEY;
Create new API keys periodically and delete old ones to minimize risk if a key is compromised.
Create different API keys for development, staging, and production environments.
Regularly check your API key usage in the dashboard to detect any suspicious activity.

Managing API Keys

View All Keys

See all your API keys in the dashboard at dashboard.scriptbase.app/keys.

Deactivate a Key

If you suspect a key has been compromised:
  1. Go to the API Keys section
  2. Find the compromised key
  3. Click “Deactivate” to immediately stop all requests using that key
  4. Create a new key to replace it

Key Information

Each API key shows:
  • Name: Descriptive name you provided
  • Created: When the key was created
  • Last Used: Last time the key was used
  • Status: Active or Inactive
  • Requests: Total number of requests made with this key

Authentication Errors

If authentication fails, you’ll receive an error response: 
{
  "success": false,
  "error": {
    "code": "INVALID_API_KEY",
    "message": "Invalid or inactive API key"
  }
}
Common authentication error codes:
Error CodeDescriptionSolution
INVALID_API_KEYAPI key is missing, invalid, or inactiveCheck that your key is correct and active
UNAUTHORIZEDMissing authentication headerInclude X-API-Key or Authorization header
API_KEY_INACTIVEAPI key has been deactivatedCreate a new API key
For a complete list of error codes, see the Error Reference.

Testing Your Authentication

Test that your API key works correctly: 
curl "https://api.scriptbase.app/api/v1/account" \
  -H "X-API-Key: sk_your_key_here"
A successful response will include your account information: 
{
  "success": true,
  "data": {
    "id": "usr_...",
    "email": "you@example.com",
    "plan": "HOBBY",
    "quota": {
      "used": 42,
      "limit": 1000,
      "resetDate": "2024-02-01T00:00:00Z"
    }
  }
}
The /api/v1/account endpoint does not consume credits, making it perfect for testing authentication.