VideoCascadeLogo
VideoCascade

Authentication

VideoCascade API uses API keys to authenticate requests. All API endpoints (except /health) require authentication.

API Keys

API keys are prefixed with vca_ and consist of 32 random characters:

vca_abcdef1234567890ghijklmnopqr

Getting an API Key

You can create API keys through the dashboard or contact us for access.

Using the Dashboard:

  1. Sign in to the dashboard (https://www.videocascade.com/dashboard)
  2. Navigate to API Keys section
  3. Click "Create New API Key"
  4. Give it a label (e.g., "Production", "Development")
  5. Copy the key immediately (you won't be able to see it again)

Important: Store your API key securely. Once created, you cannot retrieve the plain text key again. If you lose it, you'll need to create a new one.

Making Authenticated Requests

Include your API key in the Authorization header of every request:

Authorization: Bearer vca_your_api_key

Example with cURL

curl -X GET https://api.videocascade.com/v1/videos/v_abc123 \
  -H "Authorization: Bearer vca_your_api_key"

Example with JavaScript

const response = await fetch(
  'https://api.videocascade.com/v1/videos/v_abc123',
  {
    headers: {
      Authorization: 'Bearer vca_your_api_key',
    },
  }
);

const data = await response.json();

Example with Python

import requests

response = requests.get(
    'https://api.videocascade.com/v1/videos/v_abc123',
    headers={
        'Authorization': 'Bearer vca_your_api_key',
    }
)

data = response.json()

Security Best Practices

1. Never Expose API Keys in Client-Side Code

Bad:

// In your React app (visible in browser)
const API_KEY = 'vca_your_api_key'; // NEVER DO THIS!

Good:

// In your backend server
const API_KEY = process.env.VIDEO_CASCADE_API_KEY;

2. Use Environment Variables

Store API keys in environment variables, never in code:

# .env file
VIDEO_CASCADE_API_KEY=vca_your_api_key
// In your application
const apiKey = process.env.VIDEO_CASCADE_API_KEY;

3. Use Different Keys for Different Environments

Create separate API keys for:

  • Development
  • Staging
  • Production

4. Rotate Keys Regularly

For enhanced security:

  1. Create a new API key
  2. Update your application to use the new key
  3. Delete the old key after confirming everything works

5. Restrict Key Usage

Only use API keys from secure environments:

  • Backend servers
  • Serverless functions
  • CI/CD pipelines
  • Private n8n workflows

Never use them from:

  • Frontend applications
  • Mobile apps (use a backend proxy instead)
  • Public repositories

Quickstart

Get started with VideoCascade API in minutes

API Overview

Overview of VideoCascade API structure and conventions

On this page

API KeysGetting an API KeyMaking Authenticated RequestsExample with cURLExample with JavaScriptExample with PythonSecurity Best Practices1. Never Expose API Keys in Client-Side Code2. Use Environment Variables3. Use Different Keys for Different Environments4. Rotate Keys Regularly5. Restrict Key Usage