Authentication
All WaveSpeedAI API requests require authentication via API key. Include your key in the Authorization header as a Bearer token.
Get Your API Key
- Go to API Keys
- Enter a name and click Generate
- Copy and store your key securely
Important: API keys require a top-up to activate. Keys generated without a top-up will not work.
Usage
Add your API key to the Authorization header:
Authorization: Bearer YOUR_API_KEY
curl -X POST "https://api.wavespeed.ai/api/v3/google/nano-banana-pro" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"prompt": "A cat wearing a space suit, cinematic lighting"}'
Security Best Practices
| Practice | Description |
|---|---|
| Never share your key | Keep it confidential, don’t commit to version control |
| Use environment variables | Don’t hardcode keys in source code |
| Rotate regularly | Generate new keys and revoke old ones periodically |
| Server-side only | Never expose keys in frontend/client-side code |
Troubleshooting
| Problem | Solution |
|---|---|
401 Unauthorized | Check that your key is correct and has been activated with a top-up |
403 Forbidden | Your account may be suspended — contact support@wavespeed.ai |
429 Too Many Requests | You’ve hit your account’s rate limit — wait or upgrade your account level |
| Insufficient credits | Top up your account at wavespeed.ai/top-up |
| Key not working | Ensure you’ve made at least one top-up to activate API access |