API reference
Authentication
The designdrop API uses bearer tokens. Generate one in Dashboard → API keys (Pro tier and above) and pass it in the Authorization header on every request.
Generating a token
- Sign in at app.designdrop.app.
- Open Dashboard → API keys.
- Click Create token, name it (e.g. ci-extraction), pick a scope.
- Copy the token immediately — it's shown once and never again.
Tokens look like dd_live_4f2c… (50 chars). Treat them like passwords: never commit, never log, never put in URLs.
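One way to enforce the "never log" rule in a Python client, as an added example that is not designdrop's own code: a logging formatter that scrubs token-like strings from every formatted record, tracebacks included. The token character set in the regex is an assumption (the page gives only the dd_live_ prefix and the length), and the sample token is constructed.

```python
import io
import logging
import re

# Assumption: the page gives only the "dd_live_" prefix and a 50-char length;
# the character class is a guess, kept loose so the filter over-redacts.
TOKEN_RE = re.compile(r"dd_live_[A-Za-z0-9_\-]{8,}")
# Any bearer credential, in case a secret without the prefix reaches a log call.
BEARER_RE = re.compile(r"(bearer\s+)[^\s\"',;]+", re.IGNORECASE)


def redact(text: str) -> str:
    """Replace token-like substrings with a fixed marker (idempotent)."""
    text = BEARER_RE.sub(r"\1[REDACTED]", text)
    return TOKEN_RE.sub("dd_live_[REDACTED]", text)


class RedactingFormatter(logging.Formatter):
    """Formatter that scrubs the final output line, not just the message."""

    def format(self, record: logging.LogRecord) -> str:
        # super().format() merges args and appends the traceback, so both are covered.
        return redact(super().format(record))


def demo() -> str:
    """Log constructed sample lines through the formatter and return the output."""
    fake = "dd_live_" + "a1B2" * 10 + "zz"  # constructed, 50 chars, not a real token
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    handler.setFormatter(RedactingFormatter("%(levelname)s %(message)s"))
    log = logging.getLogger("designdrop.example")  # hypothetical logger name
    log.handlers[:] = [handler]
    log.propagate = False
    log.setLevel(logging.DEBUG)
    log.debug("request headers: %s", {"Authorization": f"Bearer {fake}"})
    log.info("retrying job with token %s", fake)
    try:
        raise RuntimeError(f"auth failed for {fake}")
    except RuntimeError:
        log.exception("job submit failed")
    return buf.getvalue()


if __name__ == "__main__":
    print(demo())
```

The formatter has to be set on every handler that writes to disk or to a log shipper; a handler left with the default formatter still emits the raw token.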
Using the token
curl https://designdrop.app/api/jobs \
  -X POST \
  -H "Authorization: Bearer $DESIGNDROP_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"type":"extract_design_system","input":{"url":"https://stripe.com"}}'
The same token works with the CLI via DESIGNDROP_TOKEN:
export DESIGNDROP_TOKEN=dd_live_4f2c...
designdrop generate https://stripe.com
Scopes
Tokens are scoped at creation time. Pick the narrowest scope that does the job:
| Scope | Permissions |
|-------|-------------|
| read:library | List/search/read the public library. No auth needed for these endpoints anyway, but useful for self-hosted. |
| read:workspace | Read your workspace's saved designs and history. |
| write:workspace | Create / update designs, submit jobs, manage bookmarks. |
| admin:workspace | Everything in write:workspace plus billing + member management. |
Tokens carry a name + scope + creation date. You can revoke any token from the dashboard.
Rate limits
See Rate limits for the full breakdown. Briefly:
- Free: 3 generations per 30 days, no API access.
- Pro: unlimited UI generations, 100 API generations per month.
- Team: unlimited UI generations, 1,000 API generations per seat per month.
Limits apply per-token; the rate limiter response includes Retry-After and X-RateLimit-* headers.