Authentication
API key setup, base URL, and request headers.
Overview
The Phrasly Business API uses API key authentication to secure all requests. Every call to the Humanization API or AI Detection API must include a valid API key in the request headers. API keys are generated from your dashboard after subscribing to a plan.
Authentication is simple and stateless. There are no OAuth flows, session tokens, or complex handshakes. Just include your API key as a header in every request and you are ready to go. This design makes integration fast and straightforward across any language, framework, or platform.
Base URL
All API requests should be sent to the following base URL. Both the Humanization API and AI Detection API share the same base URL, with different endpoint paths.
https://business.phrasly.ai
API Key
All API requests require an API key passed via the x-api-key header. Generate keys from your dashboard.
You can create multiple API keys to separate usage across different applications, environments, or teams. Each key tracks its own usage independently, making it easy to monitor costs and manage access across your organization.
Example Request
Below is an example cURL request to the AI Detection endpoint. Replace YOUR_API_KEY with a valid API key from your dashboard.
curl https://business.phrasly.ai/api/v1/detect \
-H "x-api-key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"text": "Your text here"}'Required Headers
Every API request must include the following headers. Requests missing the API key or Content-Type header will be rejected with a 401 or 400 status code.
| Header | Value | Required |
|---|---|---|
| x-api-key | Your API key | Yes |
| Content-Type | application/json | Yes |
Security Best Practices
Keep your API keys secure to prevent unauthorized usage and unexpected charges. Follow these best practices when integrating the Phrasly API:
- Never expose API keys in client-side code, public repositories, or frontend applications. Always make API calls from your server or backend.
- Use environment variables to store your API keys. Avoid hardcoding keys directly in your source code.
- Create separate API keys for development, staging, and production environments so you can revoke or rotate keys independently.
- Monitor your usage dashboard regularly to detect any unusual activity or unexpected spikes in API consumption.
- If you suspect a key has been compromised, revoke it immediately from your dashboard and generate a new one.
Rate Limits
The Phrasly API enforces rate limits to ensure fair usage and platform stability. If you exceed the rate limit, the API will return a 429 (Too Many Requests) status code.
- Humanize endpoint: 5 requests per second
- Detect endpoint: 5 requests per second
If your application requires higher throughput or custom rate limits, contact our team at [email protected] to discuss enterprise options and volume-based pricing.