Authentication
All Reimage API requests require authentication using an API key. This guide covers how to authenticate your requests across different programming languages.
API Key Format
Your API key is available in your Reimage dashboard and should be included in the Authorization header as a Bearer token:
http
Authorization: Bearer YOUR_API_KEYSecurity Best Practice
Never commit your API key to version control or expose it in client-side code. Always store it in environment variables or secure configuration files.
Authentication Examples
JavaScript / Node.js
javascript
// Using fetch (browser or Node.js 18+)
const API_KEY = process.env.REIMAGE_API_KEY;
const response = await fetch('https://api.reimage.dev/user/', {
method: 'GET',
headers: {
'Authorization': `Bearer ${API_KEY}`
}
});
const data = await response.json();javascript
// Using axios
import axios from 'axios';
const API_KEY = process.env.REIMAGE_API_KEY;
const client = axios.create({
baseURL: 'https://api.reimage.dev',
headers: {
'Authorization': `Bearer ${API_KEY}`
}
});
const response = await client.get('/user/');
console.log(response.data);React
jsx
import { useState, useEffect } from 'react';
function UserProfile() {
const [user, setUser] = useState(null);
useEffect(() => {
// IMPORTANT: API key should come from your backend, not client-side!
fetch('https://api.reimage.dev/user/', {
headers: {
'Authorization': `Bearer ${process.env.REACT_APP_REIMAGE_API_KEY}`
}
})
.then(res => res.json())
.then(data => setUser(data));
}, []);
if (!user) return <div>Loading...</div>;
return (
<div>
<h1>{user.name}</h1>
<p>Storage: {user.storage_used} / {user.storage_limit} KB</p>
</div>
);
}Security Warning
In production React apps, never expose your API key in the frontend. Instead, proxy requests through your backend server which securely stores the API key.
Python
python
import os
import requests
API_KEY = os.environ.get('REIMAGE_API_KEY')
BASE_URL = 'https://api.reimage.dev'
# Create a session with default headers
session = requests.Session()
session.headers.update({
'Authorization': f'Bearer {API_KEY}'
})
# Make requests
response = session.get(f'{BASE_URL}/user/')
user = response.json()
print(user)python
# Using requests library directly
import requests
headers = {
'Authorization': 'Bearer YOUR_API_KEY'
}
response = requests.get(
'https://api.reimage.dev/user/',
headers=headers
)
if response.status_code == 200:
user = response.json()
print(f"User: {user['name']}")
else:
print(f"Error: {response.status_code}")PHP
php
<?php
// Using cURL
$apiKey = getenv('REIMAGE_API_KEY');
$baseUrl = 'https://api.reimage.dev';
function makeRequest($endpoint, $method = 'GET', $data = null) {
global $apiKey, $baseUrl;
$ch = curl_init($baseUrl . $endpoint);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Authorization: Bearer ' . $apiKey
]);
if ($method === 'POST') {
curl_setopt($ch, CURLOPT_POST, true);
if ($data) {
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
}
} elseif ($method === 'DELETE') {
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'DELETE');
}
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
return [
'status' => $httpCode,
'data' => json_decode($response, true)
];
}
// Example usage
$result = makeRequest('/user/');
print_r($result['data']);
?>php
<?php
// Using Guzzle
require 'vendor/autoload.php';
use GuzzleHttp\Client;
$client = new Client([
'base_uri' => 'https://api.reimage.dev',
'headers' => [
'Authorization' => 'Bearer ' . getenv('REIMAGE_API_KEY')
]
]);
$response = $client->request('GET', '/user/');
$user = json_decode($response->getBody(), true);
print_r($user);
?>Go
go
package main
import (
"encoding/json"
"fmt"
"io"
"net/http"
"os"
)
type Client struct {
BaseURL string
HTTPClient *http.Client
APIKey string
}
func NewClient(apiKey string) *Client {
return &Client{
BaseURL: "https://api.reimage.dev",
HTTPClient: &http.Client{},
APIKey: apiKey,
}
}
func (c *Client) NewRequest(method, endpoint string, body io.Reader) (*http.Request, error) {
req, err := http.NewRequest(method, c.BaseURL+endpoint, body)
if err != nil {
return nil, err
}
req.Header.Set("Authorization", "Bearer "+c.APIKey)
return req, nil
}
func (c *Client) GetUser() (map[string]interface{}, error) {
req, err := c.NewRequest("GET", "/user/", nil)
if err != nil {
return nil, err
}
resp, err := c.HTTPClient.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
var user map[string]interface{}
if err := json.NewDecoder(resp.Body).Decode(&user); err != nil {
return nil, err
}
return user, nil
}
func main() {
apiKey := os.Getenv("REIMAGE_API_KEY")
client := NewClient(apiKey)
user, err := client.GetUser()
if err != nil {
fmt.Printf("Error: %v\n", err)
return
}
fmt.Printf("User: %+v\n", user)
}Rust
rust
use reqwest::header::{HeaderMap, HeaderValue, AUTHORIZATION};
use serde_json::Value;
use std::env;
struct ReimageCl ient {
client: reqwest::Client,
base_url: String,
}
impl ReimageClient {
fn new(api_key: &str) -> Result<Self, Box<dyn std::error::Error>> {
let mut headers = HeaderMap::new();
headers.insert(
AUTHORIZATION,
HeaderValue::from_str(&format!("Bearer {}", api_key))?
);
let client = reqwest::Client::builder()
.default_headers(headers)
.build()?;
Ok(Self {
client,
base_url: "https://api.reimage.dev".to_string(),
})
}
async fn get_user(&self) -> Result<Value, Box<dyn std::error::Error>> {
let url = format!("{}/user/", self.base_url);
let response = self.client.get(&url).send().await?;
let user = response.json::<Value>().await?;
Ok(user)
}
}
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let api_key = env::var("REIMAGE_API_KEY")?;
let client = ReimageClient::new(&api_key)?;
let user = client.get_user().await?;
println!("User: {:?}", user);
Ok(())
}Environment Variables
It's best practice to store your API key in environment variables:
bash
REIMAGE_API_KEY=sk_live_abc123def456ghi789javascript
// Load from .env file
require('dotenv').config();
const apiKey = process.env.REIMAGE_API_KEY;python
# Load from .env file
from dotenv import load_dotenv
import os
load_dotenv()
api_key = os.getenv('REIMAGE_API_KEY')php
// Load from .env file
require 'vendor/autoload.php';
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__);
$dotenv->load();
$apiKey = $_ENV['REIMAGE_API_KEY'];Authentication Errors
401 Unauthorized
If you receive a 401 error, check that:
- Your API key is correct
- The
Authorizationheader is properly formatted - You're using
Bearerprefix before the API key - Your API key hasn't been revoked
json
{
"error": "Unauthorized"
}Missing Authorization Header
If you forget to include the header:
json
{
"error": "Unauthorized"
}Testing Your Authentication
Use this simple test to verify your authentication is working:
bash
curl -H "Authorization: Bearer YOUR_API_KEY" \
https://api.reimage.dev/user/Expected response:
json
{
"name": "John Doe",
"bucket_id": "abc123",
"storage_used": 1024,
"storage_limit": 10485760,
"image_count": 5,
"transform_count": 150,
"subscription_tier": 1
}Next Steps
- Quick Start Guide - Upload your first image
- Upload API - Learn about file uploads
- Error Handling - Handle authentication errors