Skip to main content

API keys

Create API keys in the dashboard. Raw keys use the mak_ prefix and are shown only once at creation time. Send them as Bearer tokens:
Authorization: Bearer mak_...
API keys authenticate these endpoints:
  • POST /image/generate
  • POST /image/upload
  • POST /image/rate
  • GET /tasks/:id
GET /tasks/:id/status and GET /tasks/:id/result also accept API keys, but are typically called with a Public Access Token.

Spending limits

Each API key supports an optional spending limit, enforced when a task is created. The estimated cost is reserved against the limit before generation begins and rolled back if the task fails to enqueue. The dashboard supports these periods:
  • day
  • week
  • month
Use them to isolate environments, tenants, or workflows.

Public Access Tokens

A task-scoped Public Access Token (PAT) is a short-lived JWT with the pat_ prefix. Mynth returns one in the generate response when access.pat.enabled is true (the default):
{
  "data": {
    "taskId": "tsk_01KE7XWWEQ4MCGWKBQKJ1G47RP",
    "access": {
      "publicAccessToken": "pat_eyJhbGciOi..."
    }
  }
}
PATs are valid for one hour and scoped to a single task. Use them for:
  • GET /tasks/:id/status
  • GET /tasks/:id/result
Do not use them for task creation or as a general replacement for your API key.

Concurrency

Mynth does not impose API concurrency limits. If your application needs to create several tasks at once, you can issue requests in parallel and manage the coordination on your side.

Owner-only task access

GET /tasks/:id is owner-only. It requires the original account’s API key and returns the full task object.