Authentication

The Auto Content Engine API supports two authentication methods:

Method	Header	Use case
API Key (recommended)	X-API-Key: your_key	Server-side scripts, automation, CI/CD, MCP integrations
JWT Bearer Token	Authorization: Bearer <token>	Frontend apps using Clerk/Dynamic auth

For most integrations, use an API key. JWTs are primarily for the GEN web app and authenticated frontends.

Creating a Personal Access Token

1. Sign in to GEN

   Go to gen.pro and sign in to your account.

2. Navigate to API Keys

   Open Settings > API Keys from the sidebar.

3. Create a key

   Click Create API Key. Give it a descriptive name (e.g., n8n-production or claude-code).

4. Copy the key

   Your key is displayed once. Copy it immediately and store it somewhere secure.

   gen_pat_a1b2c3d4e5f6...

Caution

API keys are shown only once at creation time. If you lose a key, revoke it and create a new one.

Using your API key

Pass the key in the X-API-Key header on every request:

curl

curl https://api.gen.pro/v1/me \
  -H "X-API-Key: $GEN_API_KEY"

JavaScript

const response = await fetch("https://api.gen.pro/v1/me", {
  headers: {
    "X-API-Key": process.env.GEN_API_KEY,
  },
});

const user = await response.json();
console.log(user);

Python

import os
import requests

response = requests.get(
    "https://api.gen.pro/v1/me",
    headers={"X-API-Key": os.environ["GEN_API_KEY"]},
)

print(response.json())

A successful response confirms your key is valid:

{
  "id": "user_abc123",
  "email": "you@example.com",
  "name": "Your Name"
}

Managing API keys

You can list, rename, and revoke keys through the API itself:

# List all your keys
curl https://api.gen.pro/v1/personal_access_tokens \
  -H "X-API-Key: $GEN_API_KEY"

# Rename a key
curl -X PATCH https://api.gen.pro/v1/personal_access_tokens/{token_id} \
  -H "X-API-Key: $GEN_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "new-name"}'

# Revoke a key
curl -X DELETE https://api.gen.pro/v1/personal_access_tokens/{token_id} \
  -H "X-API-Key: $GEN_API_KEY"

Credit requirement

Note

Auto Content Engine endpoints require an active GEN subscription with available credits. If your account has no credits, API calls to /v1/autocontentengine endpoints will return a 402 error.

Security best practices

• Never commit keys to source control. Use environment variables or a secrets manager.
• Use separate keys per integration. Create one key for n8n, another for Claude Code, etc. If one is compromised, revoke it without disrupting others.
• Rotate keys regularly. Create a new key, update your integrations, then revoke the old one.
• Restrict access. Only share keys with people and systems that need them.

# Store your key in an environment variable
export GEN_API_KEY="gen_pat_a1b2c3d4e5f6..."

# Or use a .env file (make sure it's in .gitignore)
echo "GEN_API_KEY=gen_pat_a1b2c3d4e5f6..." >> .env