Authentication
To ensure secure access to the PDFLoom API, all requests must be authenticated using a bearer token. This token verifies that the request is coming from a trusted source and has the necessary permissions to perform the requested operations.
Generating Your API Token
- Log In: Log in to your PDFLoom account.
- Navigate to API Page: Go to the API page in your dashboard.
- Generate Token: Click on "Generate New Token" to create a new bearer token.
- Store Securely: Store this token securely. Do not share it publicly or include it in client-side code.
Please don't commit your PDFLoom API Key to GitHub!
Using the API Token
Include the token in the Authorization header of each API request. The format should be as follows. Here's how to add the token to the request header using cURL:
Example request with bearer token
curl -X POST https://api.pdfloom.com/v1/convert/html \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"html_content": "<html><body><h1>Hello World</h1></body></html>",
"options": {
"page_size": "A4",
"orientation": "portrait"
}
}'
Token Expiration and Regeneration
Tokens may have an expiration date for security purposes. If your token expires or you believe it has been compromised, you can generate a new token from the API page in your PDFLoom dashboard.
Security Best Practices
- Keep your token secure: Treat your API token like a password. Do not expose it in client-side code, public repositories, or anywhere it can be accessed by unauthorized users.
- Use HTTPS: Ensure that all your requests to the PDFLoom API are made over HTTPS to prevent eavesdropping and man-in-the-middle attacks.
- Rotate your token periodically: Regularly regenerate your API token to minimize the risk in case it gets compromised.
- By following these practices, you can ensure that your interactions with the PDFLoom API remain secure and reliable. If you encounter any issues with authentication, please contact our support team at support@pdfloom.com.