Getting Started
Authentication
All requests to the floow.design API must include a valid API key. Keys are prefixed with fl_ and are tied to your account.
Creating an API Key
Go to Dashboard → Settings → API Keys and click New Key. Copy the key immediately — it is shown only once.
API access requires a Lite plan or higher. Calls made with a Free account are rejected with a 403. Free accounts can use the floow.design platform but cannot call the API directly.
Using Your API Key
Pass the key in the Authorization header as a Bearer token on every request.
Request header
Authorization: Bearer fl_your_api_key_hereExample Request
cURL
curl https://www.floow.design/api/v1/image-to-html \ -X POST \ -H "Authorization: Bearer fl_your_api_key_here" \ -H "Content-Type: application/json" \ -d '{"image":"https://example.com/screen.png"}'TypeScript / fetch
const res = await fetch("https://www.floow.design/api/v1/image-to-html", { method: "POST", headers: { Authorization: "Bearer fl_your_api_key_here", "Content-Type": "application/json", }, body: JSON.stringify({ image: "https://example.com/screen.png" }),});
const data = await res.json();Authentication Errors
| Status | Meaning |
|---|---|
401 Unauthorized | Missing, invalid, or revoked API key. |
403 Forbidden | Valid key but the account is on the Free plan. Upgrade to Lite or higher. |
See Errors for the full error reference.
Keep your keys secret
- • Never commit API keys to version control.
- • Use environment variables (e.g.
FLOOW_API_KEY) in your server-side code. - • Rotate a compromised key immediately from Dashboard → API Keys → Rotate.
- • API calls must originate server-side — never expose a key in browser JavaScript.