Authentication & API Keys

AstroAPI uses two authentication mechanisms, each serving a distinct purpose. API keys are required for all astrology API endpoints, while JWT tokens are used exclusively for authenticating users into the AstroAPI dashboard.

API Keys (Required for API Access)

All public astrology endpoints under /api/astro/* require an API key. API keys are intended for passive, server-to-server integrations.

API Key Format

AstroAPI keys are generated in the dashboard and do not use a prefixed format such as sk_live_*. Keys are intentionally unprefixed to avoid exposing environment context in logs.

e678a26dad5fa00f7410f7e2a1dff3da046bf997d5135e06ffbda1b744cc24a0

Always keep API keys secret. Never expose them in frontend code, public repositories, or client-side JavaScript.

Using an API Key

Authorization: Bearer YOUR_API_KEY

API keys authenticate access to:

  • Birth chart generation
  • Transits, houses, and aspects
  • All astrology calculation endpoints

JWT Tokens (Dashboard Login Only)

JWT tokens are used only to authenticate users into the AstroAPI dashboard. They are never accepted by astrology API endpoints.

JWT tokens authenticate access to:

  • Dashboard pages
  • API key management
  • Usage reports
  • Billing and Stripe checkout

JWT tokens cannot be used to access astrology API endpoints.

Dashboard Login Endpoint

POST https://api.astroapi.io/auth/login

Login Example (Dashboard)

{
  "email": "user@example.com",
  "password": "your-password"
}

Login Response

{
  "token": "JWT_TOKEN",
  "user": {
    "id": 42,
    "email": "user@example.com"
  }
}

Authentication for all astrology API endpoints is handled exclusively through API keys. Each request must include a valid API key in the Authorization header.
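
The sketch below is an added example, not AstroAPI's own code: a server-side helper that loads the key from an environment variable, rejects a dashboard JWT supplied by mistake, attaches the key as a Bearer token, and redacts it from log output. The variable name ASTROAPI_KEY, the 64-hex-character key shape (inferred from the sample key above), and the reuse of the login host for /api/astro/ are assumptions.

```python
import logging
import os
import re
import urllib.request

# Assumption: keys are 64 lowercase hex characters, like the sample key on this page.
KEY_RE = re.compile(r"[0-9a-f]{64}")
# A JWT is three dot-separated base64url segments; astrology endpoints never accept one.
JWT_RE = re.compile(r"[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*")
# Assumption: same host as the login URL; callers supply the endpoint path.
BASE_URL = "https://api.astroapi.io/api/astro/"


def load_api_key(env=os.environ, var="ASTROAPI_KEY"):
    """Read the key from the environment (hypothetical variable name) and sanity-check it."""
    value = env.get(var, "").strip()
    if JWT_RE.fullmatch(value):
        raise ValueError("dashboard JWT supplied where an API key is required")
    if not KEY_RE.fullmatch(value):
        raise ValueError(f"{var} is missing or not a 64-character hex key")
    return value


def build_request(path, api_key):
    """Build (but do not send) a request carrying the key as a Bearer token."""
    return urllib.request.Request(
        BASE_URL + path.lstrip("/"),
        headers={"Authorization": f"Bearer {api_key}"},
    )


def redact(text):
    """Mask Bearer values and bare 64-hex runs before text reaches a log.

    Unprefixed keys can only be matched by shape, so SHA-256 hex digests
    are masked as well; that over-redaction is the safe direction.
    """
    text = re.sub(r"(?i)(bearer\s+)\S+", r"\1[REDACTED]", text)
    return re.sub(r"\b[0-9a-fA-F]{64}\b", "[REDACTED]", text)


class RedactingFilter(logging.Filter):
    """Logging filter that applies redact() to every formatted record."""

    def filter(self, record):
        record.msg, record.args = redact(record.getMessage()), ()
        return True
```

Attach the filter with `handler.addFilter(RedactingFilter())` on each log handler so that request dumps and exception messages pass through it.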