Get an api_secret
Every call to the API is authenticated, so the first thing any integration needs is anapi_secret. Access is provisioned per organization.
1
Have an admin generate it in the Synthpop UI
An administrator in your organization signs in to
app.synthpop.ai and generates (or resets) the
api_secret for the environment you’re integrating with. Staging and
production have separate secrets.2
No account yet? Request access
If your organization isn’t provisioned for API access yet — or you don’t have
UI access or a Synthpop contact — request access through the
contact form. If you already have a
Synthpop representative, reach out to them directly; either way they’ll issue
an
api_secret and confirm which task_type values are enabled for you.3
Store it safely
Synthpop does not store the secret after it’s shown, and generating a new one
immediately invalidates the previous one. Keep it server-side, never commit
it, and exchange it for a bearer token rather than sending it on
every request. See Authentication.
task_type is provisioned during onboarding — there is no endpoint that lists
the types available to you. Your Synthpop contact tells you which are enabled.Reach the Synthpop team
Contact Synthpop
Get in touch about access, onboarding, provisioning a new
task_type, or
enabling callbacks and auto-read for your organization.Your Synthpop contact
Already integrating? Your dedicated Synthpop representative or customer
success contact is the fastest path for account-specific questions.
Report an API issue
When something isn’t working as documented, share the details below so the team can trace it quickly. Never include anapi_secret or a bearer token in a
report.
1
Identify the environment and endpoint
State whether you hit staging (
stage.synthpop.ai) or production
(app.synthpop.ai), and the exact endpoint and method (for example
POST /task/create).2
Include the Task identifiers
Provide the Task’s Synthpop
uuid and/or your external_id. These let the
team locate the exact Task without any credentials.3
Include timing and the response
Add an approximate timestamp (with timezone), the HTTP status code you
received, and the response body — redacting any sensitive content.
4
Describe expected vs. actual
Say what you expected and what happened instead. If it’s reproducible,
include the minimal request that triggers it.
Before you reach out
Many questions are already answered in the docs:FAQ
Access, environments, async results, file types, limits, and SDKs.
Errors
Status codes and error bodies, with what each one means.
Authentication
The
api_secret format, token exchange, and the default-deny model.Async results
Polling, callbacks, and the
waiting status.
