Authentication

All API requests require a Bearer token in the Authorization header.

Authorization header

Include your API key in the Authorization header using the Bearer scheme:

HTTP Header

Authorization: Bearer sk_your_api_key_here

Key format

API keys use the prefix sk_ followed by 64 hexadecimal characters. Example:

sk_a1b2c3d4e5f6...  (64 hex chars)

Managing your keys

You can create, rotate, and revoke API keys from the API Keys settings page. Keep your keys secret -- do not expose them in client-side code or public repositories.

Example request

cURL

curl https://api.wondercat.ai/api/v1/image/generate \
  -H "Authorization: Bearer sk_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{"prompt": "A sunset over the ocean", "model": "nano-banana-2"}'

If the key is missing or invalid the API returns a 401 Unauthorized response.