API Documentation Beta

Verify Authentication

Use the verify endpoint to check whether your current authentication is valid. This works with both private keys and public key JWT tokens.

Endpoint

GET /v1/auth/verify

Request Headers

Header	Value	Description
`X-API-Key`	`sk_your_private_key`	Authenticate with a private key
`Authorization`	`Bearer <token>`	Authenticate with a JWT token

Use one of the two headers above, not both.

Examples

With a Private Key

curl https://api.enconvert.com/v1/auth/verify \
  -H "X-API-Key: sk_your_private_key"

With a JWT Token

curl https://api.enconvert.com/v1/auth/verify \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..."

Response

{
  "authenticated": true,
  "project_id": "12345",
  "tier": "pro",
  "key_type": "public",
  "allowed_domains": ["https://example.com", "https://*.example.com"],
  "allowed_endpoints": ["/v1/convert/url-to-pdf", "/v1/convert/jpeg-to-png"]
}

Response Fields

Field	Type	Description
`authenticated`	boolean	Always `true` for a valid request
`project_id`	string	Your project ID
`tier`	string	Your subscription tier (e.g., `free`, `starter`, `pro`, `business`)
`key_type`	string	`public` or `private`
`allowed_domains`	array or null	Whitelisted domains (public keys only, `null` for private keys)
`allowed_endpoints`	array or null	Restricted endpoints (public keys only, `null` for private keys)

If the key or token is invalid or expired, the API returns a 401 Unauthorized error instead.

Use Cases

Testing API keys: Confirm that a newly created key is active and correctly configured.
Checking domain restrictions: Verify which domains are whitelisted for a public key.
Debugging auth issues: Determine whether a request failure is caused by authentication or something else.

← Public Keys & JWT Endpoints Overview →