{}StatementParse

Authentication

All API requests require a valid API key passed via the Authorization header.

API Key Format

StatementParse uses Bearer token authentication. Keys come in two types:

  • sp_live_... — Live keys. Requests count against your monthly quota.
  • sp_test_... — Test keys. No quota tracking. Use during development.

Making Authenticated Requests

Include your API key in the Authorization header:

Request
curl -X POST https://api.statementparse.dev/v1/parse \
  -H "Authorization: Bearer sp_live_your_key_here" \
  -F "file=@statement.pdf"

Key Management

You can create, rename, and revoke API keys from your dashboard.

  • Keys are hashed with SHA-256 before storage — we never store raw keys
  • Raw keys are shown once at creation time and cannot be retrieved
  • Revoked keys immediately stop working (401 response)
  • You can create multiple keys for different environments

Error Responses

Invalid or missing authentication returns a 401 status:

401 Unauthorized
{
  "error": "unauthorized",
  "message": "Invalid or missing API key",
  "code": 401
}
i

Rate Limiting

Each plan has a rate limit (requests per minute). Exceeding it returns a 429 status with a reset_at timestamp.