Authentication
The Career API uses API keys for authentication. Keys are managed through the Laddro Console .
API Key Header
Pass your API key in the x-api-key header on every protected request:
curl https://api.laddro.com/v1/resumes \
-H "x-api-key: lk_live_abc123..."Public vs Protected Endpoints
Some endpoints are public and require no authentication:
| Endpoint | Auth Required |
|---|---|
GET /v1/templates | No |
GET /v1/templates/{templateId} | No |
GET /v1/fonts | No |
GET /v1/languages | No |
GET /v1/models | No |
| All other endpoints | Yes |
Managing API Keys
In the Console :
- Create — Generate a new key. Copy it immediately — it’s only shown once.
- List — See all your active keys (last 4 characters visible).
- Revoke — Permanently disable a key.
- Regenerate — Replace a key with a new one.
Key Security
- Never commit API keys to version control
- Use environment variables in your applications
- Rotate keys regularly
- Revoke keys immediately if compromised
Rate Limits
| Endpoint Type | Limit |
|---|---|
| Public (no auth) | 30 requests/minute |
| Protected (with API key) | 100 requests/minute |
Exceeding the rate limit returns 429 Too Many Requests. See Rate Limits for credit costs and monthly allowances.
Error Responses
| Status | Meaning |
|---|---|
401 Unauthorized | Missing or invalid API key |
402 Payment Required | No credits remaining — purchase more or wait for 30-day cycle reset |
403 Forbidden | Key doesn’t have permission for this action |
429 Too Many Requests | Rate limit exceeded |
Last updated on