Authentication and authorization

Scheme: Bearer
Header: Authorization
Format: Authorization: Bearer &lt;token&gt;

Authentication method

All authenticated API endpoints, such as creating generation tasks and querying task status, require a valid token in the request header.

The token is a 64-character hexadecimal string.
Include the token in the Authorization header using Bearer <token>, with exactly one space between Bearer and the token.
Contact technical support to obtain or rotate your token.

When the token is missing or invalid, the API returns: 401 Unauthorized

{
  "code": 401,
  "msg": "Authorization header is required",
  "request_id": "xxx"
}

Or:

{
  "code": 401,
  "msg": "Invalid token or token not mapped to account",
  "request_id": "xxx"
}