Authentication

All API requests must be authenticated using an API key.

API Key Format

pk_live_1234567890abcdefghijklmnopqrstuvwxyz

Obtaining an API Key

Navigate to your agent in the dashboard
Click "API Keys"
Click "Create New API Key"
Copy the key immediately (shown only once!)

Learn more about managing API keys →

Using the API Key

Include the API key in the Authorization header with the Bearer scheme:

POST /api/v1/agents/{agentId}/execute HTTP/1.1
Host: api.promptick.ai
Authorization: Bearer pk_live_YOUR_API_KEY
Content-Type: application/json

Examples

cURL

curl -X POST https://api.promptick.ai/api/v1/agents/agent_123/execute \
  -H "Authorization: Bearer pk_live_YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"variables": {"name": "value"}}'

Node.js

const response = await fetch(
  'https://api.promptick.ai/api/v1/agents/agent_123/execute',
  {
    method: 'POST',
    headers: {
      Authorization: `Bearer ${process.env.PROMPTICK_API_KEY}`,
      'Content-Type': 'application/json',
    },
    body: JSON.stringify({
      variables: { name: 'value' },
    }),
  }
);

Python

import requests
import os

response = requests.post(
    'https://api.promptick.ai/api/v1/agents/agent_123/execute',
    headers={
        'Authorization': f'Bearer {os.getenv("PROMPTICK_API_KEY")}',
        'Content-Type': 'application/json'
    },
    json={
        'variables': {'name': 'value'}
    }
)

Security Best Practices

Never Expose API Keys

✅ Store in environment variables
✅ Use secret management tools
❌ Never commit to version control
❌ Never log API keys
❌ Never include in client-side code

Environment Variables

# .env
PROMPTICK_API_KEY=pk_live_your_key_here

Secret Management

Use tools like:

AWS Secrets Manager
HashiCorp Vault
Azure Key Vault
Google Secret Manager

Error Responses

Missing Authorization Header

{
  "error": "Missing or invalid Authorization header",
  "message": "Expected format: \"Authorization: Bearer pk_live_...\""
}

Status Code: 401 Unauthorized

Invalid API Key

{
  "error": "Invalid or revoked API key",
  "message": "The provided API key is not valid for this agent"
}

Status Code: 401 Unauthorized

Agent API Access Disabled

{
  "error": "API access disabled",
  "message": "This agent does not have API access enabled"
}

Status Code: 403 Forbidden

Next Steps

Execute Agent - Call your agent
Code Examples - Working samples
Rate Limits - Usage limits

API Key Format​

Obtaining an API Key​

Using the API Key​

Examples​

cURL​

Node.js​

Python​

Security Best Practices​

Environment Variables​

Secret Management​

Error Responses​

Missing Authorization Header​

Invalid API Key​

Agent API Access Disabled​

Next Steps​