Authentication
Secure your requests and unlock higher rate limits with API key authentication
Overview
Placewise supports two authentication modes:
Anonymous
No API key required, limited to 10 requests per hour
Authenticated
Use API keys for higher limits based on your subscription plan
Getting API Keys
Coming Soon
User dashboard for API key management is currently in development. For now, contact support to get API keys.
Future: Self-Service Dashboard
- Create an account or sign in at
/dashboard - Navigate to API Keys section
- Click "Create New API Key"
- Give your key a descriptive name
- Copy and securely store your key (you won't see it again!)
API Key Format
API keys follow a specific format to help you identify them:
Live Keys
Productionpk_live_abc123def456...Use for production applications. Counts against your subscription quota.
Test Keys
Developmentpk_test_xyz789uvw012...Use for development and testing. Separate rate limits, doesn't affect production quota.
Using API Keys
You can provide your API key in two ways:
1. Query Parameter (Simple)
Add api_key parameter to your URL
/api/image?query=mountains&width=800&api_key=pk_live_YOUR_KEY⚠️ Warning: Query parameters are visible in URLs. Only use this method for server-side requests or development.
2. HTTP Header (Recommended)
Include X-API-Key header in your requests
JavaScript:
fetch('/api/image?query=mountains&width=800', {
headers: {
'X-API-Key': 'pk_live_YOUR_KEY'
}
})cURL:
curl -H "X-API-Key: pk_live_YOUR_KEY" \ "https://yourdomain.com/api/image?query=mountains"
✅ Best Practice: Headers are more secure as they're not logged in browser history or server access logs.
Security Best Practices
Never expose keys in client-side code
Don't include API keys directly in HTML, JavaScript, or mobile apps where users can see them
Use environment variables
Store keys in .env files and access via process.env
PLACEWISE_API_KEY=pk_live_YOUR_KEYMake requests from your backend
Keep API keys on your server and proxy requests from your frontend
// Your backend API route
export async function GET(request) {
const imageUrl = await fetch(
`/api/image?query=${query}`,
{ headers: { 'X-API-Key': process.env.PLACEWISE_API_KEY } }
);
return Response.json({ imageUrl });
}Rotate keys regularly
Create new keys and revoke old ones periodically, especially if you suspect compromise
Use test keys during development
Keep production keys separate from development keys to prevent accidental quota usage
Rate Limits by Plan
| Plan | Monthly Requests | Price | Features |
|---|---|---|---|
| Anonymous | 10/hour | Free | Basic access, no authentication |
| Free | 1,000 | $0/mo | API key required, basic support |
| Pro | 50,000 | $29/mo | Priority support, analytics |
| Business | 500,000 | $199/mo | Advanced analytics, SLA |
| Enterprise | Unlimited | Custom | Dedicated support, custom SLA |
On This Page