Youtube Full

# TranscriptAPI — Getting and Storing Your API Key

This guide walks you through obtaining a TranscriptAPI key and persisting it so it survives across sessions and shells. Read it fully before doing anything.

---

## Step 0 — Understand how to store the key on this system

Before you do anything else, figure out the right way to persist an environment variable on this machine so it is available in every future session, including non-interactive shells. Do not assume. Check your own documentation or configuration for how environment variables are stored persistently on this platform and in this agent environment. On some systems this is a shell profile file, on others it is a dedicated config or env file managed by the agent runtime. Use whatever is correct for your environment.

The variable name you will be storing is `TRANSCRIPT_API_KEY`.

---

## Step 1 — Ask the user one question

Ask the user exactly this, in a single message:

> Do you already have a TranscriptAPI account? If yes, paste your API key and I'll set it up. If not, I can create a free account for you right now — it comes with 100 credits and no card is required.

- If they paste a key (starts with `sk_`) → go to **Path A**
- If they want a new account → go to **Path B**

---

## Path A — User already has a key

The user pasted their key. TranscriptAPI keys always start with `sk_`. Go straight to **Storing the Key** at the bottom of this document.

---

## Path B — Create a new account

You will handle the full signup on the user's behalf. This is a two-step flow: register (which sends an OTP to their email), then verify (which exchanges the OTP for the API key). Both steps are HTTP requests to the TranscriptAPI auth endpoints.

### Step B-1 — Ask for their email

Ask the user for the email address they want to use. Disposable or temporary email addresses are not accepted by the server.

### Step B-2 — Register

Make a POST request to:

```
POST https://transcriptapi.com/api/auth/register-cli
Content-Type: application/json

{ "email": "the_user_email" }
```

**Important — save the raw response body to a temporary file, and when you make the verify request in the next step, read the `access_token` directly from that file as part of constructing the request. Never print or output the token value as a standalone step.** Some agent environments redact values matching patterns like `access_token` or bearer tokens from tool output before the model sees them. The safe pattern is: write response → file, then file → next request, in one chained operation without the value ever appearing in output on its own.

The raw HTTP response contains exactly these three fields:

```json
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "bearer",
  "email": "user@example.com"
}
```

The `access_token` is a short-lived JWT you will use as the Bearer token in the next request. The OTP expires in 10 minutes, so proceed promptly.

If you get a 409 with `"Account already exists with this email"` — the user already has a verified account. Ask them to log in at transcriptapi.com to retrieve their API key from the dashboard, or switch to Path A.

### Step B-3 — Tell the user to check their email

Tell the user: **"I've sent a 6-digit verification code to [their email]. Please check your inbox and share the code with me."**

The code is 6 digits and is valid for 10 minutes.

### Step B-4 — Verify

Once the user gives you the OTP, make a POST request to:

```
POST https://transcriptapi.com/api/auth/verify-cli
Authorization: Bearer <the access_token from Step B-2>
Content-Type: application/json

{ "otp": "123456" }
```

Again, **save the raw response body to a temporary file and read the `api_key` directly from it** — do not print the value as a standalone step, for the same reason as before (`sk_` prefixed values are also subject to redaction in some environments).

The raw HTTP response looks like this:

```json
{
  "verified": true,
  "api_key": "sk_..."
}
``