> ## Documentation Index
> Fetch the complete documentation index at: https://docs.screenshotmax.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Learn how to authenticate your requests to the ScreenshotMAX API using your unique API access key. This guide covers the authentication process for both GET and POST requests, ensuring secure and efficient access to our services.

To use our API, you’ll need an `access_key`. This key is **unique to your account** and is required for **all API requests.**

## What is the Access Key?

The `access_key` identifies and authenticates your requests. Think of it as your personal API password. Without it, the API will reject your requests.

<Warning>Never share your access key publicly or commit it to version control.</Warning>

## How to use the Access Key

You can authenticate your requests in one of the following ways:

### 1. In the Header (Recommended)

Add the access key to the `X-Access-Key` HTTP header. This method is secure and works with **all HTTP methods.**

```json theme={null}
X-Access-Key: YOUR_ACCESS_KEY
```

### 2. In the Query String (GET requests only)

For GET requests, you can include the key as a query parameter:

```
GET https://api.screenshotmax.com/v1/screenshot?access_key=YOUR_ACCESS_KEY&url=https://example.com
```

This is useful for quick testing or browser-based usage.

### 3. In the JSON Body (POST requests only)

For POST requests, you can also include the key in the request body:

```json theme={null}
{
  "access_key": "YOUR_ACCESS_KEY",
  "url": "https://example.com"
}
```

### Example Requests

Example using curl (Header)

```bash theme={null}
curl -X GET https://api.screenshotmax.com/v1/screenshot \
  -H "X-Access-Key: YOUR_ACCESS_KEY" \
  -G --data-urlencode "url=https://example.com"
```

Example using fetch (POST)

```js theme={null}
fetch("https://api.screenshotmax.com/v1/pdf", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-Access-Key": "YOUR_ACCESS_KEY"
  },
  body: JSON.stringify({
    url: "https://example.com"
  })
});
```

## Rotating Your Access Key

You can regenerate (rotate) your access key at any time from your [dashboard](https://app.screenshotmax.com/access).
When you rotate your key:

* A **new access key** is generated immediately.
* Your **old key becomes invalid** and cannot be used anymore.

<Warning>Be sure to update your access key in all scripts and environments after rotation.</Warning>

### What happens if the access key is missing or invalid?

If your request doesn’t include a valid `access_key`, you’ll receive a status 401 and a response like this:

```json theme={null}
{
  "statusCode": 401,
  "error": "Unauthorized",
  "message": "Invalid access key"
}
```

This means your request was rejected due to authentication failure. Double-check your access key and try again.

Need help? Contact us at [support@screenshotmax.com](mailto:support@screenshotmax.com)
