API Reference
Submit OCR jobs programmatically with your API key.
Use the StartOCR HTTP API to submit images and PDFs from your own applications.
Authentication
Create an API key from Settings in your account (sign in first). Send it as a Bearer token on every request:
Authorization: Bearer YOUR_API_KEYCopy your key when it is created — it is shown only once. Revoke compromised keys from Settings.
Submit a job
POST https://startocr.com/api/ocr
Content-Type: application/jsonRequest body
| Field | Type | Required | Description |
|---|---|---|---|
imageBase64 | string | Yes | Base64-encoded file bytes, or a data:image/...;base64,... data URI |
filename | string | No | Original filename (used for type detection) |
provider | "paddle" | "baidu" | No | OCR engine. Defaults to "paddle" |
Example
curl -X POST https://startocr.com/api/ocr \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"imageBase64": "data:image/png;base64,iVBORw0KGgo...",
"filename": "scan.png",
"provider": "paddle"
}'Success response
{
"success": true,
"taskId": "clx...",
"provider": "paddle"
}Save the taskId — use it to poll task status in the dashboard or via your account's task APIs.
Error responses
| HTTP | error code | Meaning |
|---|---|---|
| 401 | missing_api_key | No Authorization: Bearer header |
| 401 | invalid_api_key | Key is invalid or revoked |
| 400 | missing_image_base64 | Request body missing imageBase64 |
| 400 | invalid_image_base64 | Could not decode the payload |
| 402 | insufficient_pages | Account has no remaining page balance |
| 413 | payload_too_large | Request body exceeds 10 MB |
| 415 | unsupported_media_type | Content-Type must be application/json |
Providers
paddle(default) — file is queued for async processing. Poll until the task reachesdone.baidu— synchronous OCR with word-level positions. Result is stored when the request completes.
Billing
Each submission deducts pages based on the document's page count before processing starts. If task creation fails after deduction, pages are refunded automatically.
CORS
Browser-based calls must originate from an allowed domain. Server-to-server integrations do not require CORS configuration.