API Secret
The API Secret in ConvertAPI serves as the highest-level credential in the authentication hierarchy. It provides full access to all features and functionalities of the ConvertAPI platform.
Authentication using API Secret
You can authenticate all ConvertAPI requests, including the /user endpoint and token management API endpoints, using your API secret.
API Secret can be used as a query parameter ?auth=secret_here, or passed in the Authorization header.
Query authentication
curl -X GET https://v2.convertapi.com/user?auth=secret_here
Bearer Authorization header
curl -X POST https://v2.convertapi.com/convert/docx/to/pdf \
-H "Authorization: Bearer secret_here"
-F "File=@/path/to/my_file.docx" \
-F "StoreFile=true"
Access to the /user Information Endpoint
/user Information EndpointIn addition to file conversion, the API Secret grants access to the https://v2.convertapi.com/user endpoint, which provides valuable insights into your account's consumption. By accessing this endpoint, you can:
- Retrieve usage statistics
- Monitor your conversion limits
- Get details about the number of conversions used and remaining in your plan
This information helps you stay informed and manage your consumption effectively.
Manage API Tokens with the API Secret
Another powerful feature of the API Secret is its ability to create and manage API tokens. Using the REST API, you can:
- Generate new API tokens for different environments or team members
- Set specific limits for these tokens to control consumption
- Revoke or regenerate tokens as needed
This gives you the flexibility to securely delegate access without exposing the API Secret directly.
Regenerating Your API Secret
Security is a top priority at ConvertAPI. If your API Secret is ever compromised or exposed, you can easily regenerate it from your account dashboard. By doing so, you invalidate the previous secret, ensuring that your API remains secure from unauthorized use.
Updated 4 months ago