Skip to main content

API Key Authentication

All requests to the Firemoon Studio API require authentication using an API key in the Authorization header.

Getting Your API Key

Create your API key directly from the Firemoon Studio dashboard:
  1. Sign in to Firemoon Studio
  2. Navigate to the API Keys page
  3. Click “Add key” button
  4. Enter a description (e.g., “Production API key” or “Development key”)
  5. Click “Create key”
  6. Copy your API key immediately - you won’t be able to see it again after closing the dialog
Keep your API key secure and never share it publicly. Once created, store it safely as you cannot view it again in the dashboard.

Managing API Keys

You can create multiple API keys for different purposes:
  • Development: For local testing and development
  • Staging: For staging environment testing
  • Production: For live production applications
Each key can be deleted individually if compromised or no longer needed.

Using Your API Key

Include the API key in the Authorization header with the Bearer prefix: 
Authorization: Bearer your_api_key_here

Example Requests

const response = await fetch('https://firemoon.studio/api/v1/flux/dev', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer your_api_key_here',
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    prompt: 'A beautiful sunset'
  })
});

const result = await response.json();
console.log('Generated image:', result.images[0].url);

Security Best Practices

Environment Variables

Store your API key as an environment variable: 
# .env
FIREMOON_API_KEY=your_api_key_here

// JavaScript
const apiKey = process.env.FIREMOON_API_KEY;

Key Rotation

  • Rotate API keys regularly (recommended: every 30-90 days)
  • Use different keys for different environments (dev/staging/prod)
  • Immediately revoke compromised keys

Monitoring

  • Monitor API usage in your dashboard
  • Set up alerts for unusual activity
  • Log authentication failures

API Key Management

Creating Keys via API

You can also create API keys programmatically using the API Keys endpoint: 
curl -X POST https://firemoon.studio/api/keys \
  -H "Authorization: Bearer YOUR_SESSION_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "description": "Production API key",
    "scope": "full_access"
  }'
API key creation requires authentication via your user session. For automated key management, use the dashboard at firemoon.studio/keys.

Troubleshooting

401 Unauthorized

  • Verify your API key is correct
  • Check that you’re using the Bearer prefix
  • Ensure the key hasn’t expired

403 Forbidden

  • Confirm your key has access to the requested provider
  • Check if you’ve exceeded rate limits
  • Verify your account is in good standing

Support

Need help with authentication?