Getting started

Authentication

Every Pedra API request authenticates with an API key passed in the JSON body.

Getting an API key

  1. Sign up at app.pedra.ai.
  2. Open Settings → API.
  3. Copy your key. It's long-lived and tied to your account.

For higher quotas, dedicated capacity, or enterprise pricing, email felix@pedra.ai.

Using the key

Pass the key as apiKey in the JSON request body for every endpoint. There is no header-based auth, OAuth flow, or token refresh — keys are long-lived and tied to your account.

curl -X POST https://app.pedra.ai/api/enhance \
  -H "Content-Type: application/json" \
  -d '{
    "apiKey": "YOUR_API_KEY",
    "imageUrl": "https://example.com/photo.jpg"
  }'

Keeping your key safe

  • Never ship keys in client-side code. Calls must originate from your backend. A key embedded in a browser bundle or mobile app is effectively public.
  • Store keys as environment variables. Not in source control.
  • Rotate immediately if leaked. Email us — we'll revoke the old key and issue a new one.

Errors

Missing or invalid keys return HTTP 404 with {"error": "User not found"} — Pedra looks the key up as a user record, so an unknown key reads as a missing user. See Errors & limits for the full list of failure modes.