Authentication
All API requests require a Bearer token in the Authorization header. Unauthenticated requests return a 401 error.
API Keys
API keys follow the format masko_{64-hex-characters}. When you create a key, only the SHA-256 hash is stored on our servers - the raw key is shown once and cannot be retrieved later.
curl https://api.masko.ai/v1/credits \
-H "Authorization: Bearer masko_YOUR_API_KEY"Keep your API key secret. Do not expose it in client-side code or public repositories. If a key is compromised, revoke it immediately from the dashboard.
Creating API Keys
Create API keys from the Developer dashboard.
Personal vs Organization Keys
API keys are scoped to a workspace:
- Personal keys access your personal projects and deduct from your personal credits
- Organization keys access the team's projects and deduct from the team's credit pool
When you switch workspaces in the dashboard, the Developer page shows keys for that workspace. Organization keys can be created by admins and owners. Any team member can use an org key.
Rate Limits
The v1 API may return 429 Too Many Requests when traffic is limited. Treat a 429 as retryable and back off before trying again.
Credits
Each generation consumes credits from your account balance. Check your balance at any time via the /v1/credits endpoint.
| Type | Cost |
|---|---|
| Image | 1 credit |
| Animation | 5 credits per second |
| Logo | 5 credits |
| Edit | 1 credit |
Error Codes
The API uses standard HTTP status codes for error responses.
| Code | Meaning |
|---|---|
401 | Invalid or missing API key |
402 | Insufficient credits - top up your balance to continue |
403 | Access denied - you do not own this resource |
429 | Rate limit exceeded - wait and retry |
500 | Internal server error - contact support if persistent |