Authentication
Authenticate API requests with a Videoslash API key.
All Videoslash API requests require an API key. Create one in your Account settings under Developers.
API keys
Keys use the format vsl_ followed by a random secret. Example:
vsl_a1B2c3D4e5F6...The full key is shown once when you create it. Store it securely — it cannot be retrieved later.
You can create up to 10 active keys per account. Revoke a key immediately if you believe it has been compromised.
Making requests
Include your key in the Authorization header using the Bearer scheme:
curl -s https://www.videoslash.com/api/v1/account \
-H "Authorization: Bearer vsl_YOUR_KEY"Security
Treat your API key like a password:
- Do not share it with anyone
- Do not post it in public channels, support tickets, or forums
- Do not commit it to version control or expose it in client-side code
- Revoke immediately if you suspect it has been leaked, then create a new key
Anyone with your key can access your account via the API within the key's scopes.
Scopes
Each key has a list of scopes that control what it can do:
| Scope | Allows |
|---|---|
read | Read account profile and credit balances (included on every key) |
scripts:generate | Generate titles and scripts via the API (uses credits) |
creative:generate | Run Creative Studio image and video generations via the API (uses credits) |
When creating a key, enable Allow script generation or Allow Creative Studio generation to grant write scopes. Read-only keys cannot call write endpoints and receive 403 insufficient_scope.
Error responses
Authentication errors use this shape:
{
"error": {
"code": "invalid_api_key",
"message": "Invalid API key."
}
}| HTTP | Code | When |
|---|---|---|
| 401 | missing_api_key | No Authorization: Bearer ... header |
| 401 | invalid_api_key | Key not found or revoked |
| 401 | expired_api_key | Key past its expiration date |
| 403 | insufficient_scope | Key lacks the required scope |
| 400 | validation_error | Invalid request body |
| 402 | insufficient_credits | Not enough credits for the operation |
| 429 | rate_limited | Too many requests (see Retry-After header) |
| 404 | not_found | Resource not found |
| 500 | internal_error | Unexpected server error |