Authentication

The API uses two authentication methods. Use JWT tokens for dashboard/management endpoints, and API keys for programmatic access (verification, revocation).

JWT Token

For dashboard & management endpoints (passports, analytics, keys).

Authorization: Bearer eyJhbG...

API Key

For programmatic access — verification, revocation. Create in Dashboard → API Keys.

X-API-Key: kya_abc123...

Get a JWT token

curl

curl -X POST https://aip.synthexai.tech/api/auth/login   -H "Content-Type: application/json"   -d '{"email": "you@example.com", "password": "your_password"}'

# Response:
# {"access_token": "eyJhbG...", "token_type": "bearer"}

Create an API key

curl

curl -X POST https://aip.synthexai.tech/api/keys   -H "Authorization: Bearer YOUR_JWT"   -H "Content-Type: application/json"   -d '{"name": "production-backend"}'

# Response:
# {"id": "key_abc123", "key": "kya_live_...", "plan": "starter",
#  "message": "Save this key — it won't be shown again!"}