Authentication
Authentication
All DocDigitizer API requests require authentication using an API key.
API Key Authentication
Include your API key in the X-API-Key header with every request:
X-API-Key: your-api-key-hereExample Request
curl -X POST https://apix.docdigitizer.com/sync \
-H "X-API-Key: your-api-key-here" \
-H "Content-Type: multipart/form-data" \
-F "[email protected]" \
-F "id=550e8400-e29b-41d4-a716-446655440000" \
-F "contextID=7c9e6679-7425-40de-944b-e07fc1f90ae7"Getting Your API Key
API keys are currently provided upon request. To obtain your credentials:
- Request access at docdigitizer.com/contact
- Receive your keys via secure delivery from our team
Coming Soon: Self-Service Key Management
We're building a portal where you'll be able to create, rotate, and revoke API keys yourself. For now, contact us to manage your keys.
Product-Specific Keys
DocDigitizer has two product areas, and each may require its own API key:
| Product | Base URL | Key Type |
|---|---|---|
| Document Extraction | https://apix.docdigitizer.com/sync | Extraction API Key |
| Schema Management | https://api.docdigitizer.com/registry | Schema API Key |
When requesting access, specify which products you need.
Security Best Practices
Do
- Store API keys in environment variables or secret management systems
- Use different keys for development and production
- Rotate keys periodically
- Contact support immediately if a key is compromised
Don't
- Commit API keys to source control
- Share keys in plain text (email, chat, etc.)
- Use the same key for multiple applications
- Include keys in client-side code
Authentication Errors
401 Unauthorized
Returned when:
- API key is missing from the request
- API key is invalid or revoked
- API key has expired
Example response:
{
"StateText": "ERROR",
"TraceId": "UNA1234",
"Messages": ["Invalid or missing API key"]
}403 Forbidden
Returned when:
- API key is valid but lacks permission for this operation
- Subscription doesn't include this feature
- Rate limit exceeded
Code Examples
Python
import requests
API_KEY = "your-api-key-here"
headers = {"X-API-Key": API_KEY}
response = requests.post(
"https://apix.docdigitizer.com/sync",
headers=headers,
files={"files": open("document.pdf", "rb")},
data={
"id": "550e8400-e29b-41d4-a716-446655440000",
"contextID": "7c9e6679-7425-40de-944b-e07fc1f90ae7"
}
)JavaScript
const FormData = require('form-data');
const fs = require('fs');
const axios = require('axios');
const formData = new FormData();
formData.append('files', fs.createReadStream('document.pdf'));
formData.append('id', '550e8400-e29b-41d4-a716-446655440000');
formData.append('contextID', '7c9e6679-7425-40de-944b-e07fc1f90ae7');
const response = await axios.post(
'https://apix.docdigitizer.com/sync',
formData,
{
headers: {
'X-API-Key': 'your-api-key-here',
...formData.getHeaders()
}
}
);C#
using var client = new HttpClient();
client.DefaultRequestHeaders.Add("X-API-Key", "your-api-key-here");
using var content = new MultipartFormDataContent();
content.Add(new StreamContent(File.OpenRead("document.pdf")), "files", "document.pdf");
content.Add(new StringContent("550e8400-e29b-41d4-a716-446655440000"), "id");
content.Add(new StringContent("7c9e6679-7425-40de-944b-e07fc1f90ae7"), "contextID");
var response = await client.PostAsync("https://apix.docdigitizer.com/sync", content);Future Authentication
We're planning to migrate to OAuth 2.0 via Apigee X. When this happens:
- Existing API keys will continue to work during a transition period
- You'll receive advance notice to migrate
- New authentication will provide additional security features
Updated 15 days ago