Authentication

The Illustrata API uses API keys to authenticate requests. You can request an API key by contacting our support team.

API Key Format

All API keys follow this format:

ill_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Authentication Method

Bearer Token

curl -H "Authorization: Bearer ill_your_api_key_here" \
  https://api.illustrata.com/api/pdf/DemoMYGA

Example Implementation

Node.js with Axios

const axios = require("axios");

const client = axios.create({
  baseURL: "https://api.illustrata.com",
  headers: {
    Authorization: `Bearer ${process.env.ILLUSTRATA_API_KEY}`,
    "Content-Type": "application/json",
  },
});

// Make a request
const response = await client.post("/api/pdf/DemoMYGA", {
  printIllustration: "no",
  annuiyInputData: {
    /* ... */
  },
});

Security Best Practices

Environment Variables - Store API keys in environment variables
Server-Side Only - Make API calls from your backend, not from browsers
Rotate Keys - Periodically rotate your API keys
IP Whitelisting - Contact support to restrict keys to specific IPs
Monitor Usage - Check your API usage regularly for anomalies

Error Responses

Missing API Key

{
  "error": "No API key provided",
  "message": "Include API key in Authorization header"
}

Invalid API Key

{
  "error": "Invalid or inactive API key",
  "message": "API key not found or expired"
}

Insufficient Permissions

{
  "error": "Insufficient permissions",
  "message": "No permission for POST /api/pdf/DemoMYGA"
}

Key Status Types

Status	Description
`active`	Key is valid and can be used
`disabled`	Temporarily disabled by administrator
`expired`	Key has passed its expiration date
`revoked`	Permanently invalidated

Rate Limiting

API keys are subject to rate limiting. Default limits:

100 requests per 15-minute window
Custom limits available for enterprise customers

Need Help?

Contact support for API key requests
Report compromised keys immediately
Request IP whitelisting or custom rate limits