Authentication
All API requests require a Bearer token in the Authorization header.
API Keys
API keys start with adal_ and are tied to your user account. They share the same monthly evaluation quota as your browser sessions.
To create an API key, go to Settings → API Keys in the AdAlign app.
Making Requests
Include your API key as a Bearer token in the Authorization header:
curl -H "Authorization: Bearer adal_your_key_here" \ https://app.adalign.io/api/check-usage
Scopes
Each API key has one or more scopes that control which endpoints it can access:
| Scope | Endpoints |
|---|---|
| analyze | POST /api/analyze-ad |
| usage | GET /api/check-usage |
| history | GET /api/user-history |
| fixes | GET /api/fixes |
Error Responses
401 Unauthorized — The API key is missing, invalid, expired, or revoked.
403 Forbidden — The API key does not have the required scope for the endpoint.
Security
- API keys are shown in full only once at creation. Store them securely.
- Keys are stored as SHA-256 hashes — we cannot recover a lost key.
- Revoke compromised keys immediately from Settings.
- Use the narrowest scopes needed for each integration.