Authentication
All requests made to any of the Editframe endpoints must be authorised. The primary form of authentication we use is header-based bearer token authentication.
You will need your API token which can be found in the Editframe dashboard(opens in a new tab).
Please ensure your secret API keys are not publicly accessible in your code. Anybody with access to your secret API keys will be able to make requests to the Editframe API on your behalf. If you suspect your API keys have been compromised, please revoke them and generate new ones.
HTTP Requests
If manually making a call to one of our HTTP endpoints, you must supply your API token via a header. Here's how to add the token to the request header using cURL:
curl https://editframe.dev/api/v1/[...] \
-H "Authorization: Bearer {token}"Using SDK
The client libraries will manage setting the header for you. Simply supply your API token when initialising the client:
import { Client } from "@editframe/api/node";
const EF_TOKEN = "/* load your EF_API_TOKEN here. */";
const client = new Editframe(EF_API_TOKEN);Signing URLs
You can sign URLs to allow them to be used in the browser. This is useful for allowing users to upload files to your Editframe account or take other actions that you don't want to run through your server.
"use server";
import { createURLToken, Client } from "@editframe/api";
const EF_TOKEN = "/* load your EF_API_TOKEN here. */";
const client = new Client(EF_TOKEN);
const url = "https://editframe.dev/api/v1/unprocessed_files";
const token = await createURLToken(client, url);The returned Bearer token can be used to access the URL for up to 1 hour.
Cookie Authentication
Cookie based authentication is possible, but discouraged. If you need to use cookies, please contact us to discuss your use case.