Authentication

Pricing Dashboard Image studio

Authentication model

Image and video API endpoints support API-key authentication. For external integrations, use an API key with the Authorization header.

Important: /api/register/ and /api/login/ are currently disabled and return 403. Use the web login flow and API key management instead.

Recommended setup

Sign in at /accounts/login/.
Create an API key in your dashboard, or via POST /api/api-keys/ while authenticated.
Send requests to /api/v1/... with your key in Authorization.
For model discovery, call /api/v1/models/image/ and /api/v1/models/video/.

Authorization header formats

The backend accepts multiple auth header formats.

Authorization: Bearer YOUR_API_KEY

Authorization: Token YOUR_API_KEY

Authorization: YOUR_API_KEY

Create an API key (session-authenticated)

If you are logged in with a browser session, you can create keys programmatically.

curl -X POST https://ulazai.com/api/api-keys/ \
  -H "Content-Type: application/json" \
  -H "X-CSRFToken: YOUR_CSRF_TOKEN" \
  -H "Cookie: sessionid=YOUR_SESSION" \
  -d '{
    "name": "Production key"
  }'

Response includes the full key once. Store it immediately.

Auth troubleshooting

401 means the key is missing, invalid, or revoked.
402 can indicate no purchased credits for API usage.
Welcome credits are website-only and cannot be used via API.