Skip to main content

Documentation Index

Fetch the complete documentation index at: https://superdoc-dependabot-npm_and_yarn-npm_and_yarn-e04d5d616f.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Overview

The SuperDoc API uses Bearer token authentication with API keys. All API requests must include a valid API key in the Authorization header.

API Key Format

SuperDoc API keys follow a specific format: 
sd_{environment}_{type}_{random_string}
  • Environment: test or live
  • Type: pk (public key) or sk (secret key)
  • Random String: Unique identifier

Examples

  • Test key: sd_test_pk_a1b2c3d4e5f6...
  • Live key: sd_live_pk_h7i8j9k0l1m2...

Authentication Methods

Include your API key in the Authorization header: 
curl -X POST https://api.superdoc.dev/v1/convert?format=pdf \
  -H "Authorization: Bearer sd_live_pk_your_api_key" \
  -F "file=@document.docx"

const headers = {
  'Authorization': 'Bearer sd_live_pk_your_api_key'
};

Test vs Production Keys

Test Environment (sd_test_*) - No charges applied - Limited to 100 requests per hour - Perfect for development and testing - Automatically routes to test environment

Security Best Practices

API keys should only be used in server-side applications. Never include them in: - Frontend JavaScript - Mobile applications - Public repositories - Client-side code
Store API keys in environment variables: bash # .env file SUPERDOC_API_KEY=sd_live_pk_your_api_key javascript // Usage const apiKey = process.env.SUPERDOC_API_KEY;
  • Rotate production keys every 90 days - Immediately rotate if a key is compromised - Use our key rotation API for zero-downtime rotation
When creating API keys: - Use read-only keys when possible - Limit keys to specific IP addresses - Set expiration dates for temporary access

Managing API Keys

Create a New Key

  1. Log in to dashboard.superdoc.dev
  2. Navigate to API Keys
  3. Click Create New Key
  4. Configure key settings:
    • Name (for your reference)
    • Environment (test/production)
    • Permissions (if applicable)
    • IP restrictions (optional)

Revoke a Key

Revoking a key immediately invalidates it. Ensure you’ve updated your applications before revoking.
  1. Go to API Keys in the dashboard
  2. Find the key to revoke
  3. Click Revoke Key
  4. Confirm the action

Troubleshooting

Common Authentication Errors

401 Unauthorized
error
Possible causes: - Missing Authorization header - Malformed API key - Revoked or expired key Solution: - Verify the Authorization header is present - Check key format: Bearer sd_... - Confirm key is active in dashboard
403 Forbidden
error
Possible causes: - IP restriction violation - Insufficient permissions - Feature not available in your plan Solution: - Check IP whitelist settings
  • Verify key permissions - Upgrade plan if needed

Next Steps

Make Your First Request

Start converting documents with your API key

Explore Endpoints

Discover all available API endpoints