Skip to main content

Overview

All API requests (except the /health endpoint) require authentication using an API key. API keys are workspace-scoped and can be generated from your account settings in the Precital app.

Generating an API Key

Step-by-Step Guide

  1. Log in to Precital
  2. Access Account Settings
    • Click on your profile icon in the top navigation
    • Select “Account Settings” or “Settings” from the dropdown menu
  3. Navigate to API Keys Section
    • In the account settings page, find and click on the “API Keys” section
    • This section is typically located under “Developer” or “Integrations”
  4. Generate a New API Key
    • Click the “Generate New API Key” button
    • Optionally, provide a name/description for the key (e.g., “Production API Key”, “Development Key”)
    • Select the workspace to associate with the key (if you have multiple workspaces)
    • Click “Generate”
  5. Copy and Store Your API Key
    • Important: The API key will be displayed only once
    • Copy the API key immediately and store it securely
    • Use a password manager or secure environment variable storage
    • Never commit API keys to version control

Using Your API Key

Include your API key in the X-API-Key header of every request: 
X-API-Key: your-api-key-here

Example Request

curl -X GET https://api.precital.com/v1/credits \
  -H "X-API-Key: pk_live_abc123def456ghi789jkl012mno345pqr678stu901vwx234yz" \
  -H "Content-Type: application/json"

Workspace Association

API keys are workspace-scoped: each key is linked to a specific workspace. All API operations performed with a key will use credits from that workspace.
  • The workspace is automatically inferred from your API key - you don’t need to specify it in requests
  • If you have multiple workspaces, you can create separate API keys for each
  • All resources (analyses, press releases) are scoped to your workspace

Authentication Errors

If your API key is missing, invalid, or expired, you’ll receive a 401 Unauthorized response: 
{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required. Please provide a valid API key in the X-API-Key header.",
    "doc_url": "https://docs.precital.com/errors#UNAUTHORIZED"
  }
}

Security Best Practices

Never share your API key publicly or commit it to version control.
  • Use environment variables to store API keys in your applications
  • Rotate API keys regularly for better security
  • Revoke unused keys to minimize attack surface
  • Use different keys for different environments (development, staging, production)

Managing API Keys

You can manage your API keys from your account settings:
  • View all your API keys
  • See creation date, last used date, and associated workspace
  • Revoke or regenerate keys as needed