Scority

YouTube API Key Guide

Learn what a YouTube API key is, when you need a Google Cloud key, and how Scority API keys work for transcript extraction.

Read authenticationView API docs
Direct answer

Which key do you need?

If you are using Google's official YouTube APIs, you usually start in Google Cloud and follow Google's credential model. If you are using Scority's transcript API, you use a Scority API key in the x-api-key header.

  • A Google API key is for official Google API requests.
  • A Scority API key is for https://api.scority.ai requests.
  • A Scority key does not replace Google credentials for every YouTube API use case.
  • For transcript extraction through Scority, keep the Scority key server-side.
Google credentials

What a YouTube API key is

When developers say YouTube API key, they often mean a Google Cloud credential used with official YouTube APIs. That key belongs to the Google API project and its quota, permissions and restrictions.

  • Use Google credentials for official YouTube Data API workflows.
  • Check current Google documentation before publishing credential setup instructions.
  • Do not use a Scority key in Google API calls.
Transcript access

When a Google key is not enough for transcripts

A Google Cloud key is not the same as a normalized transcript API response. Transcript workflows usually need text, segment timing, language handling and clear unavailable/error states.

  • Scority returns text and segments for many public videos with accessible captions.
  • Scority normalizes errors such as transcript_not_available and upstream_transcript_failed.
  • Use the official YouTube APIs for official platform data that Scority does not provide.
Scority auth

How Scority API keys work

Scority protects the Transcript API with the x-api-key header. The key identifies the account or integration for quota, usage logging and support.

  • Send x-api-key on each API request.
  • Store the key in server-side environment variables.
  • Use separate keys when you need separate usage tracking.
  • Contact Scority support for rotation, revocation or quota changes.

Server-side key example

Use placeholders in docs and environment variables in code. Never put real API keys in public examples, browser bundles or screenshots.

curl "https://api.scority.ai/v1/youtube/transcript?video_id=dQw4w9WgXcQ" \
  -H "x-api-key: YOUR_API_KEY"
Security

Keep API keys server-side

A Scority API key should be treated like a server credential. Browser-only JavaScript cannot keep it secret.

  • Do not expose keys in frontend code.
  • Do not commit keys to Git.
  • Do not paste keys into screenshots or support tickets.
  • Rotate a key if it is exposed.
401

Common authentication errors

Scority returns unauthorized when the API key is missing, invalid or revoked.

  • Check that the request is sent to https://api.scority.ai, not the public web app.
  • Check the x-api-key header name.
  • Check that the key was copied completely.
  • Check whether the key has been revoked or replaced.
Docs

Authentication

Read the Scority x-api-key reference and key safety notes.

Open →
Reference

API reference

See the endpoint, query parameters and response shape.

Open →
Errors

Error codes

Map unauthorized and other errors to recommended actions.

Open →
Guide

Transcript access

Learn how transcript-specific API access differs from broad YouTube API intent.

Open →
Comparison

Data API vs transcript API

Decide whether your workflow needs official metadata or transcript text.

Open →
OAuth

Without OAuth

Understand when API key auth is enough and when OAuth is still required.

Open →