Skip to content

Authentication

All requests to /v1/render require an API key, passed as a Bearer token:

Authorization: Bearer znd_your_key_here

Keys are created and revoked from the API Keys page in your dashboard. A few things to know:

  • The full key value is shown once, at creation. Store it securely (e.g. a secret manager or environment variable) — Zindle only keeps a hash and cannot show it to you again.
  • Revoking a key takes effect immediately; requests using a revoked key are rejected with 401.
  • Treat keys as secrets. Don't embed them in client-side code or commit them to source control.

Requests without a valid key, or with a malformed or revoked key, receive a 401 Unauthorized.