Skip to main content

Overview

The Structify API uses API keys for authentication. You must include your API key in the Authorization header of every request.

Obtaining an API Key

  1. Sign in to Structify Dashboard
  2. Navigate to Settings → API Keys
  3. Click Create New Key
  4. Give your key a descriptive name
  5. Copy the key immediately - it won’t be shown again

Using Your API Key

Include the API key in the Authorization header as a Bearer token: 
curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.structify.ai/server/version

Environment Variables

We recommend using environment variables to manage API keys:
  • Linux/macOS
  • Windows
  • .env file
export STRUCTIFY_API_TOKEN="your_api_key_here"

Security Best Practices

Never commit API keys to version control. Add them to .gitignore:
.env
.env.local
*.key

Key Rotation

Regularly rotate your API keys:
  1. Create a new API key
  2. Update your applications to use the new key
  3. Verify everything works
  4. Delete the old key

Key Scopes

Create separate keys for different environments:
  • dev-key - Local development
  • staging-key - Staging environment
  • prod-key - Production only

IP Restrictions

For production keys, consider adding IP restrictions: 
client.user.update(
    api_key_restrictions={
        "allowed_ips": ["192.168.1.1", "10.0.0.0/24"]
    }
)

Rate Limits

API keys have the following rate limits:
PlanRequests/minBurst
Free60100
Pro6001000
EnterpriseCustomCustom
When you exceed rate limits, you’ll receive a 429 Too Many Requests response: 
{
  "error": {
    "type": "rate_limit_error",
    "message": "Rate limit exceeded",
    "retry_after": 60
  }
}

JWT to API Token Exchange

For web applications using Supabase authentication, you can exchange a JWT for an API token: 
# Exchange JWT for API token
response = client.user.jwt_to_api_token(jwt="your_jwt_token")
api_token = response.token

# Use the API token for subsequent requests
client = Structify(api_key=api_token)

Troubleshooting

Your API key is invalid or missing. Check that:
  • The key is correctly formatted
  • You’re using Bearer prefix
  • The key hasn’t expired or been deleted
Your API key doesn’t have permission for this operation. Check:
  • Key scopes and permissions
  • Team membership for team resources
  • Project access for project resources
Ensure the variable is exported:
echo $STRUCTIFY_API_TOKEN
In Python, verify it’s loaded:
import os
print(os.environ.get("STRUCTIFY_API_TOKEN"))

Next Steps

Make Your First API Call

Explore available endpoints

Python SDK Reference

Detailed Python SDK documentation

TypeScript SDK Reference

Complete TypeScript SDK guide

Rate Limits & Quotas

Understanding rate limits
I