Authentication | YouThumbAI Documentation

All API requests require authentication. YouThumbAI uses API keys to authenticate requests. To get your API key, go to Account → API Keys.

Authentication Methods

Method 1: x-api-key Header (Recommended)

Include your API key in the x-api-key header:

curl https://youthumb.ai/api/thumbnails \
  -H "x-api-key: your_api_key"

Method 2: Bearer Token

Alternatively, use the Authorization header with a Bearer token:

curl https://youthumb.ai/api/thumbnails \
  -H "Authorization: Bearer your_api_key"

Code Examples

JavaScript / Node.js

const response = await fetch('https://youthumb.ai/api/thumbnails', {
  method: 'POST',
  headers: {
    'x-api-key': process.env.YOUTHUMB_API_KEY,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    prompt: 'Excited YouTuber with colorful background',
  }),
});

const data = await response.json();

cURL

curl -X POST https://youthumb.ai/api/thumbnails \
  -H "x-api-key: $YOUTHUMB_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"prompt": "Excited YouTuber with colorful background"}'

Security Best Practices

Never expose your API key in client-side code. API keys should only be used in server-side environments.

Do's

Store API keys in environment variables
Use server-side code to make API requests
Rotate keys periodically
Use separate keys for development and production

Don'ts

Commit API keys to version control
Include keys in client-side JavaScript
Share keys in public channels
Use the same key across all environments

Environment Variables

Node.js / JavaScript:

# .env.local
YOUTHUMB_API_KEY=your_api_key_here

// Usage
const apiKey = process.env.YOUTHUMB_API_KEY;

Authentication Errors

Status Code	Error	Description
401	Unauthorized	Missing or invalid API key
403	Forbidden	API key doesn't have access to this resource

Error Response Example

{
  "success": false,
  "error": "Unauthorized"
}

Organization Context

Your API key is associated with your user account. When making requests, the API automatically uses your active organization context. All resources (thumbnails, persons, etc.) are scoped to this organization. To switch organizations, update your active organization in the YouThumbAI dashboard before making API requests.

What's Next?

Now that you understand authentication, explore the API endpoints:

Thumbnails API - Create and generate thumbnails
Persons API - Manage face profiles
Templates API - Browse style templates