Authentication

All WiseScribe API requests authenticate with an API key passed as a Bearer token in the Authorization header.

Creating an API key

Sign in to wisescribe.ai and navigate to Settings → API Keys. Click Create key, give it a descriptive name (e.g., production, my-app), and copy the key immediately.

API keys are shown only once at creation time and cannot be retrieved again. If you lose a key, revoke it and create a new one.

Your key will look like:

wsc_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8

Authenticating requests

Pass the key in the Authorization header as a Bearer token:

Example authenticated request

curl https://wisescribe.ai/api/v1/transcribe \
  -H "Authorization: Bearer wsc_YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://www.youtube.com/watch?v=..."}'

If the key is missing or invalid, the API returns 401 Unauthorized:

401 — missing or invalid key

{
  "error": "Missing Authorization: Bearer <api_key>"
}

401 — revoked key

{
  "error": "Invalid or revoked API key"
}

Security best practices

  • Store API keys in environment variables, never in source code
  • Never commit keys to Git
  • Use separate keys for development and production
  • Rotate keys regularly — revoke and recreate them

Revoking a key

Go to Settings → API Keys and click Revoke next to any key. Revocation is immediate — any in-flight requests using that key will fail with 401.

If you suspect a key has been compromised, revoke it immediately and create a new one.

Was this page helpful?