API Keys
All API requests require an API key. Generate keys in your dashboard:
- Go to app.okrapdf.com/settings/api-keys
- Click Create API Key
- Copy the key (starts with
okra_)
API keys grant full access to your account. Never expose them in client-side code or public repositories.
Passing your key
Use one of these two methods:
Bearer token (recommended)
curl https://app.okrapdf.com/api/v1/jobs \
-H "Authorization: Bearer okra_YOUR_KEY"
curl https://app.okrapdf.com/api/v1/jobs \
-H "x-api-key: okra_YOUR_KEY"
Security best practices
- Store keys in environment variables, not in code
- Use different keys for development and production
- Rotate keys periodically
- Revoke keys immediately if compromised
# .env
OKRA_API_KEY=okra_YOUR_KEY
import os
import requests
resp = requests.get(
"https://app.okrapdf.com/api/v1/jobs",
headers={"Authorization": f"Bearer {os.environ['OKRA_API_KEY']}"},
)
Error responses
Invalid or missing API keys return a 401 status:
{
"error": {
"code": "unauthorized",
"message": "Invalid or revoked API key.",
"doc_url": "https://okrapdf.dev/api-reference/authentication"
}
}
