🔐 API Key & Webhook Secret

to access maskit’s api endpoints and receive webhook callbacks securely, you’ll need two credentials a public api key for authenticating your api requests a private webhook shared secret for verifying the authenticity of webhook calls both are generated and delivered together from your dashboard 🔑 api key all api requests require an api key passed in the request header x api key your api key 🔸 how to obtain your api key & webhook shared secret to obtain your api key and webhook shared secret log in to your maskit dashboard go to account → api access click enable api access (or regenerate api key ) once generated, you'll see your api key (used in request headers) your webhook shared secret (used to validate x signature hmacs on incoming webhooks) important this is the only time these credentials will be shown be sure to copy and store them securely if you lose them, you’ll need to revoke and regenerate a new set 📬 using the webhook secret maskit signs every webhook request using hmac sha256 with your webhook shared secret you can verify authenticity by recomputing the signature on your server and comparing it with the x signature header see the full guide 📬 webhook documentation https //docs maskit ai/webhook 🧪 testing we recommend using postman or curl to test your credentials with the following endpoints /api/v1/masking/process image — to queue a masking job /api/v1/masking/image status — to check job progress /api/v1/masking/image download — to retrieve the final masked image need help? contact us at support\@maskit ai mailto\ support\@maskit ai