For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
DashboardSign Up
GuidesAPI Reference
  • Getting Started
    • Introduction
    • Authentication
    • Quickstart
  • Concepts
    • Extractors
    • Schemas
LogoLogo
DashboardSign Up
On this page
  • Overview
  • Getting Your API Key
  • Using Your API Key
  • Example Request
  • Error Handling
  • Environment Variables
  • API Key Best Practices
Getting Started

Authentication

Secure your API requests with API keys
Was this page helpful?
Previous

Quickstart

Extract data from your first document in under 5 minutes
Next
Built with

Overview

All API requests to Automat require authentication using an API key. API keys are scoped to your organization and provide access to all extractors within that organization.

Keep your API keys secure! Never commit them to version control or expose them in client-side code.

Getting Your API Key

  1. Log in to the Automat Dashboard
  2. Navigate to Settings → API Keys
  3. Click Create API Key
  4. Give your key a descriptive name (e.g., “Production Backend”, “Development”)
  5. Copy the key immediately — it won’t be shown again

You can create multiple API keys for different environments or services. Each key can be revoked independently without affecting others.

Using Your API Key

Include your API key in the Authorization header using the Bearer scheme:

$Authorization: Bearer YOUR_API_KEY

Example Request

$curl -X POST https://studio.runautomat.com/api/extract \
>  -H "Authorization: Bearer ak_xxxxxxxxxxxxx" \
>  -F "extractorId=ext_abc123" \
>  -F "file=@document.pdf"

Error Handling

If authentication fails, you’ll receive a 401 Unauthorized response:

1{
2  "error": "unauthorized",
3  "message": "Invalid API key"
4}

Common authentication errors:

ErrorCauseSolution
Missing Authorization headerNo Authorization header providedAdd the header to your request
Invalid API keyKey doesn’t exist or was revokedCheck the key in your dashboard
Malformed headerWrong formatUse Bearer YOUR_KEY format

Environment Variables

We recommend storing your API key in environment variables:

.env
$AUTOMAT_API_KEY=ak_xxxxxxxxxxxxx
Node.js
Python
Go
typescript const apiKey = process.env.AUTOMAT_API_KEY;

API Key Best Practices

Use Environment Variables

Never hardcode API keys in your source code

Rotate Regularly

Periodically generate new keys and revoke old ones

Separate by Environment

Use different keys for development, staging, and production

Monitor Usage

Review API key activity in your dashboard