api reference · v1

Authentication

Updated May 12, 2026

Every Siftfy request must carry an X-API-Key header. Keys are tied to your account; you can issue, rotate, and revoke them per-app from the dashboard.

Header format

Send the key as the value of the X-API-Key header on every request. Don't put it in the URL or the body — those end up in logs.

curl

curl -sX POST https://api.siftfy.io/v1/predict \
  -H "X-API-Key: $SIFTFY_KEY" \
  -H "Content-Type: application/json" \
  -d '{"text": "hello, world"}'

Generating a key

Sign in, open the dashboard, and click New key. The full key is shown once; copy it into your secret store immediately. We only store a hash, so a lost key has to be revoked and replaced.

Rotation and revocation

Issue one key per environment or per service so you can revoke any one of them without an incident-wide rotation. When a key is revoked, the next request returns 401 — handle that as a hard error rather than a retry.

Where to next

POST /v1/predict → the full request and response reference.
Errors → 401, 422, 429, 503 — what each one means.
SDKs → the Python client handles the header for you.