Authentication
Storyload uses API keys to authenticate requests. Generate keys on the API keys page in your account; each key is shown once and stored only as a hash.
Pass your key in the Authorization header as a Bearer token:
Authorization: Bearer sl_live_xxxxxxxxxxxxxxxx- Keys are prefixed with
sl_live_. - Never expose a key in client-side code — treat it like a password.
- Revoke a key anytime from the dashboard; revoked keys stop working immediately.
- A request without a valid key returns
401 Unauthorized.