API Reference

Authentication

Every API request authenticates with a workspace-scoped Bearer token. Tokens are tied to one workspace, never expire, and grant full access to that workspace's workflows and runs until they're revoked.

Base URL

https://api.photopipe.com

Bearer header

Pass the token in the standard Authorization header on every request:

Header
Authorization: Bearer pp_a1b2c3d4e5f60718293a4b5c6d7e8f90a1b2c3d4e5f60718293a4b5c6d7e8f90

Creating a token

  1. Open your workspace in the Photopipe app.
  2. In the left sidebar, click API tokens.
  3. Click New token, give it a name (e.g. Production server), and confirm.
  4. Copy the token immediately. It's shown once, Photopipe stores only a hash, so you can't look it up later.

Revoking a token

From the API tokens page, click Revoke on the row you want to disable. The change is immediate, every subsequent request using that token returns 401. Revocation cannot be undone, so issue a new token if you need to rotate.