API Authentication

Authenticate your VideoNest API requests using API keys and Bearer tokens.

API & Integrations Updated March 2026

Getting your API key

API keys are generated from your VideoNest account settings.

  1. Go to Settings > API in your VideoNest dashboard.
  2. Click Generate New API Key.
  3. Give the key a descriptive name (e.g., "Production App" or "Zapier Integration") so you can identify it later.
  4. Copy the key immediately — it will not be shown again after you leave the page.
⚠️
Treat your API key like a password. Anyone with your API key can make authenticated requests to your account. Never expose it in client-side JavaScript, mobile app binaries, or public code repositories. If a key is compromised, revoke it immediately from Settings > API and generate a replacement.

Making authenticated requests

Include your API key as a Bearer token in the Authorization header of every request:

Authorization: Bearer YOUR_API_KEY

Here is a complete example using curl to list your videos:

curl -X GET https://api.videonest.co/v1/videos \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

Replace YOUR_API_KEY with the key you copied from Settings > API. All API requests must be made over HTTPS — requests over plain HTTP will be rejected.

API base URL

All VideoNest API endpoints are relative to the following base URL:

https://api.videonest.co/v1
💡
For a full list of available endpoints and their parameters, see the API Endpoints reference.

Rate limits

API requests are rate limited per API key. The default limit is 1,000 requests per hour. This limit is shared across all endpoints for a given key.

When you exceed the limit, the API returns a 429 Too Many Requests response. The response includes a Retry-After header indicating how many seconds to wait before making the next request:

HTTP/1.1 429 Too Many Requests
Retry-After: 120

Build your integration to respect the Retry-After value and back off accordingly. If your application consistently requires higher limits, contact support to discuss an increased rate limit for your account.

Response format

All API responses are JSON. Successful responses include a data field containing the requested resource or collection. Error responses include an error object with a machine-readable code and a human-readable message.

Example success response:

{
  "data": {
    "id": "vid_abc123",
    "title": "My Video",
    "status": "ready"
  }
}

Example error response:

{
  "error": {
    "code": "unauthorized",
    "message": "Invalid or missing API key."
  }
}

Common error codes you may encounter:

  • unauthorized — the API key is missing, invalid, or has been revoked (HTTP 401)
  • forbidden — the key does not have permission for the requested action (HTTP 403)
  • not_found — the requested resource does not exist (HTTP 404)
  • rate_limited — you have exceeded the request rate limit (HTTP 429)
  • server_error — an unexpected error occurred on the server (HTTP 500)

Security best practices

Following these practices reduces the risk of your API key being exposed or misused:

  • Use environment variables. Store your API key in an environment variable (e.g., VIDEONEST_API_KEY) and read it in your application at runtime. Never hardcode it in source files.
  • Rotate keys periodically. Generate a new key from Settings > API on a regular schedule, update your application's configuration, then revoke the old key. This limits the window of exposure if a key is leaked.
  • Create purpose-specific keys. Use a separate API key for each integration or environment (development, staging, production). That way, revoking one key does not affect all your integrations at once.
  • Verify webhook payloads. If you use webhooks, always validate the payload signature before processing it. See the Webhooks guide for details on signature verification.
  • Audit your keys regularly. Review the list of active keys at Settings > API and revoke any that are no longer in use.

Was this article helpful?

Thanks for your feedback.

Need help now? Contact support