Documentation

35 conversion endpoints + 5 self-service. Bearer-token auth. JSON or binary responses.

OpenAPI 3.1 spec → · Import into Postman, Insomnia, or any OpenAPI-aware client to scaffold an SDK in your language of choice.

Rate limits

Every plan has a sustained RPS budget plus a burst allowance enforced via a per-key token bucket. Exceeding the burst returns 429 rate_limited with a Retry-After header.

Plan	Sustained (req/s)	Burst
Starter	2	5
Pro	5	15
Growth	20	40
Scale	100	200
Business	400	800

All successful responses carry RateLimit-Limit and RateLimit-Remaining headers so your client can self-throttle without hitting 429.

Authentication

Every request to /v1/* requires a bearer token in the Authorization header:

Authorization: Bearer sk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Get a key by subscribing to a plan on the pricing page. Keys are emailed immediately after Stripe checkout. Treat them like passwords — never commit them to source control. Rotate anytime via POST /v1/keys/rotate. Lost your key? Recover it via POST /v1/keys/recover (email-verified).

Self-service

Five endpoints that don't count against your quota:

GET /v1/usage

Check your current plan, quota, and usage.

curl https://api.bytario.com/v1/usage \
  -H "Authorization: Bearer $KEY"

{
  "plan": "growth",
  "quota_monthly": 50000,
  "used_this_month": 1234,
  "remaining": 48766,
  "resets_at": "2026-05-01T00:00:00.000Z",
  "status": "active"
}

POST /v1/keys/rotate

Generate a new API key and invalidate the current one. The new key is returned in the response and emailed to you.

curl -X POST https://api.bytario.com/v1/keys/rotate \
  -H "Authorization: Bearer $KEY"

GET /v1/billing/portal

Redirects to the Stripe Customer Portal where you can switch plans, update payment methods, view invoices, and cancel. Also available as a UI at /billing.

curl -L https://api.bytario.com/v1/billing/portal \
  -H "Authorization: Bearer $KEY"

POST /v1/keys/recover

Lost your API key? Start a recovery by providing the email address on your account. A one-time 8-digit code is emailed to you. No API key required.

curl -X POST https://api.bytario.com/v1/keys/recover \
  -H "Content-Type: application/json" \
  -d '{"email":"you@company.com"}'

{
  "message": "If an account exists with that email, a recovery code has been sent. Check your inbox."
}

POST /v1/keys/recover/confirm

Submit the recovery code from your email to generate a new API key. The old key is invalidated immediately. The new key is returned in the response and emailed to you. No API key required.

curl -X POST https://api.bytario.com/v1/keys/recover/confirm \
  -H "Content-Type: application/json" \
  -d '{"email":"you@company.com","code":"12345678"}'

{
  "message": "API key recovered. New key emailed and returned below. The old key is now invalid.",
  "api_key": "sk_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}

Codes expire after 10 minutes and can only be used once. Rate-limited to prevent abuse.

Quotas & usage

Each plan has a hard monthly request quota. Successful requests count; 4xx/5xx responses do not. Every successful response carries an X-Quota-Remaining header so you can monitor usage inline:

HTTP/1.1 200 OK
Content-Type: image/png
X-Quota-Remaining: 4998

At quota, the next request returns 429 Too Many Requests. Quotas reset on the 1st of each month at 00:00 UTC.

Errors

All errors are JSON with the same shape:

{
  "error": "invalid_input",
  "message": "Field 'text' is required",
  "upgrade_url": "https://api.bytario.com/pricing"  // optional
}

Common error codes: unauthorized (401), subscription_inactive (403), quota_exceeded (429), invalid_input (400), unsupported_format (400), too_large (413), conversion_failed (500).

Endpoints

POST /v1/qr/generate

Generate a QR code from text or URL.

curl https://api.bytario.com/v1/qr/generate \
  -H "Authorization: Bearer $KEY" \
  -H "Content-Type: application/json" \
  -d '{"text":"https://bytario.com","format":"png","errorCorrection":"M"}' \
  --output qr.png

POST /v1/qr/read

Decode a QR code from an image. Body is raw image bytes.

curl https://api.bytario.com/v1/qr/read \
  -H "Authorization: Bearer $KEY" \
  --data-binary @qr.png

POST /v1/image/convert

Convert between JPEG / PNG / WebP / AVIF / HEIC.

curl "https://api.bytario.com/v1/image/convert?to=webp&quality=85" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @photo.heic \
  --output photo.webp

POST /v1/image/resize

Resize an image with a fit mode.

curl "https://api.bytario.com/v1/image/resize?width=1200&height=630&fit=cover" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @photo.jpg \
  --output resized.jpg

POST /v1/image/compress

curl "https://api.bytario.com/v1/image/compress?quality=75" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @photo.jpg \
  --output compressed.jpg

POST /v1/image/strip-metadata

curl https://api.bytario.com/v1/image/strip-metadata \
  -H "Authorization: Bearer $KEY" \
  --data-binary @photo.jpg \
  --output clean.jpg

POST /v1/image/read-metadata

Returns JSON with EXIF / GPS / camera info.

curl https://api.bytario.com/v1/image/read-metadata \
  -H "Authorization: Bearer $KEY" \
  --data-binary @photo.jpg

POST /v1/image/favicon-set

Returns JSON with base64-encoded ICO + 6 PNG sizes + manifest snippet.

curl https://api.bytario.com/v1/image/favicon-set \
  -H "Authorization: Bearer $KEY" \
  --data-binary @logo.png

POST /v1/pdf/merge

Multipart form with one or more files parts.

curl https://api.bytario.com/v1/pdf/merge \
  -H "Authorization: Bearer $KEY" \
  -F "files=@a.pdf" \
  -F "files=@b.pdf" \
  --output merged.pdf

POST /v1/pdf/split

curl "https://api.bytario.com/v1/pdf/split?ranges=1-3,7-9" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @doc.pdf

POST /v1/pdf/rotate

curl "https://api.bytario.com/v1/pdf/rotate?pages=all&degrees=90" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @doc.pdf \
  --output rotated.pdf

POST /v1/pdf/watermark

curl "https://api.bytario.com/v1/pdf/watermark?text=CONFIDENTIAL&opacity=0.3&rotation=-45" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @doc.pdf \
  --output stamped.pdf

POST /v1/pdf/info

curl -X POST https://api.bytario.com/v1/pdf/info \
  -H "Authorization: Bearer $KEY" \
  --data-binary @doc.pdf

POST /v1/pdf/extract-text

curl https://api.bytario.com/v1/pdf/extract-text \
  -H "Authorization: Bearer $KEY" \
  --data-binary @doc.pdf

POST /v1/pdf/render-page

curl "https://api.bytario.com/v1/pdf/render-page?dpi=150&format=png" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @doc.pdf

POST /v1/pdf/fill-form

curl https://api.bytario.com/v1/pdf/fill-form \
  -H "Authorization: Bearer $KEY" \
  -F "file=@form.pdf" \
  -F 'fields={"name":"Jane","date":"2026-04-07"}' \
  -F "flatten=true" \
  --output filled.pdf

POST /v1/pdf/flatten

curl https://api.bytario.com/v1/pdf/flatten \
  -H "Authorization: Bearer $KEY" \
  --data-binary @filled.pdf \
  --output locked.pdf

POST /v1/barcode/generate

curl https://api.bytario.com/v1/barcode/generate \
  -H "Authorization: Bearer $KEY" \
  -H "Content-Type: application/json" \
  -d '{"text":"0123456789012","format":"ean13","output":"svg"}' \
  --output barcode.svg

POST /v1/barcode/read

curl https://api.bytario.com/v1/barcode/read \
  -H "Authorization: Bearer $KEY" \
  --data-binary @label.jpg

POST /v1/render/svg-to-png

curl "https://api.bytario.com/v1/render/svg-to-png?width=1024&background=white" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @icon.svg \
  --output icon.png

POST /v1/image/crop

Crop an image to a rectangle. Query params: x, y, width, height, format?, quality?

curl "https://api.bytario.com/v1/image/crop?x=100&y=50&width=400&height=300" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @photo.jpg \
  --output cropped.jpg

POST /v1/image/rotate

Rotate an image by 90, 180, or 270 degrees.

curl "https://api.bytario.com/v1/image/rotate?degrees=90" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @photo.jpg \
  --output rotated.jpg

POST /v1/image/flip

Flip an image horizontally or vertically.

curl "https://api.bytario.com/v1/image/flip?direction=horizontal" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @photo.jpg \
  --output flipped.jpg

POST /v1/pdf/compress

Compress a PDF. Returns JSON with bytes, originalSize, compressedSize, savedPercent.

curl "https://api.bytario.com/v1/pdf/compress?stripMetadata=true" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @doc.pdf

POST /v1/pdf/protect

Add password protection to a PDF.

curl "https://api.bytario.com/v1/pdf/protect?userPassword=secret123" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @doc.pdf \
  --output protected.pdf

POST /v1/data/base64-encode

Encode raw bytes to Base64. Returns text/plain.

curl https://api.bytario.com/v1/data/base64-encode \
  -H "Authorization: Bearer $KEY" \
  --data-binary @file.bin

POST /v1/data/base64-decode

Decode Base64 back to raw bytes.

echo "SGVsbG8gV29ybGQ=" | curl https://api.bytario.com/v1/data/base64-decode \
  -H "Authorization: Bearer $KEY" \
  --data-binary @- \
  --output decoded.bin

POST /v1/data/url-encode

Percent-encode a UTF-8 string for URLs. Returns text/plain.

echo -n "hello world & foo=bar" | curl https://api.bytario.com/v1/data/url-encode \
  -H "Authorization: Bearer $KEY" \
  --data-binary @-

POST /v1/data/url-decode

Decode a percent-encoded string. Returns text/plain.

echo -n "hello%20world%26foo" | curl https://api.bytario.com/v1/data/url-decode \
  -H "Authorization: Bearer $KEY" \
  --data-binary @-

POST /v1/data/json-format

Pretty-print JSON. Returns application/json.

echo '{"a":1,"b":2}' | curl https://api.bytario.com/v1/data/json-format \
  -H "Authorization: Bearer $KEY" \
  --data-binary @-

POST /v1/data/json-minify

Minify JSON by stripping whitespace. Returns application/json.

curl https://api.bytario.com/v1/data/json-minify \
  -H "Authorization: Bearer $KEY" \
  --data-binary @pretty.json

POST /v1/data/csv-to-json

Convert CSV to JSON array. Returns application/json.

curl https://api.bytario.com/v1/data/csv-to-json \
  -H "Authorization: Bearer $KEY" \
  --data-binary @data.csv

POST /v1/data/json-to-csv

Convert JSON array to CSV. Returns text/csv.

curl https://api.bytario.com/v1/data/json-to-csv \
  -H "Authorization: Bearer $KEY" \
  --data-binary @data.json

POST /v1/file/hash

Compute file hash. Query param: algorithm (md5, sha1, sha256, sha384, sha512). Returns JSON.

curl "https://api.bytario.com/v1/file/hash?algorithm=sha256" \
  -H "Authorization: Bearer $KEY" \
  --data-binary @file.bin

POST /v1/file/detect

Detect file type from magic bytes. Returns JSON with mime, extension, description.

curl https://api.bytario.com/v1/file/detect \
  -H "Authorization: Bearer $KEY" \
  --data-binary @unknown-file

POST /v1/text/word-count

Count words, characters, sentences, paragraphs, reading time. Returns JSON.

echo "Hello world" | curl https://api.bytario.com/v1/text/word-count \
  -H "Authorization: Bearer $KEY" \
  --data-binary @-

POST /v1/text/diff

Compare two texts. Body: JSON { a, b, context?, labelA?, labelB? }. Returns JSON.

curl https://api.bytario.com/v1/text/diff \
  -H "Authorization: Bearer $KEY" \
  -H "Content-Type: application/json" \
  -d '{"a":"hello\nworld","b":"hello\nearth"}'

POST /v1/text/markdown-to-html

Convert Markdown to HTML. Returns text/html.

echo "# Hello\n\n**Bold** text" | curl https://api.bytario.com/v1/text/markdown-to-html \
  -H "Authorization: Bearer $KEY" \
  --data-binary @-

POST /v1/color/convert

Convert between color formats. Body: JSON { color }. Returns JSON with hex, rgb, hsl, hsv, cmyk.

curl https://api.bytario.com/v1/color/convert \
  -H "Authorization: Bearer $KEY" \
  -H "Content-Type: application/json" \
  -d '{"color":"#ff6600"}'

MCP Server & SDK

Bytario is available as an MCP (Model Context Protocol) server for AI agents, and as a typed Node.js SDK for programmatic use.

MCP Server — @bytario/mcp

40 tools available as native agent actions in Claude, Cursor, Windsurf, Copilot, and any MCP-compatible AI agent. Requires your API key as an environment variable.

npx @bytario/mcp

Add to your Claude Code / Claude Desktop / Cursor config:

{
  "mcpServers": {
    "bytario": {
      "command": "npx",
      "args": ["-y", "@bytario/mcp"],
      "env": {
        "BYTARIO_API_KEY": "sk_live_..."
      }
    }
  }
}

Every tool call hits the real Bytario API with your key. Same auth, same quotas, same rate limits as direct API calls. No free tier bypass.

Node.js SDK — bytario

npm install bytario

Thin typed wrapper. One function per endpoint:

import { Bytario } from 'bytario';
const b = new Bytario('sk_live_...');

// Convert HEIC to WebP
const webp = await b.image.convert(
  fs.readFileSync('photo.heic'),
  { to: 'webp', quality: 85 }
);
fs.writeFileSync('photo.webp', webp);

// Merge PDFs
const merged = await b.pdf.merge([
  fs.readFileSync('a.pdf'),
  fs.readFileSync('b.pdf')
]);
fs.writeFileSync('merged.pdf', merged);

// Generate QR code
const qr = await b.qr.generate({ text: 'https://bytario.com' });
fs.writeFileSync('qr.png', qr);

// Check usage
const usage = await b.usage();
console.log(`${usage.remaining} requests remaining`);

Full API surface: b.image.*, b.pdf.*, b.qr.*, b.barcode.*, b.data.*, b.file.*, b.text.*, b.color.*, b.render.*. Every method maps 1:1 to a REST endpoint. Structured error handling via BytarioError with status, code, and message.

@bytario/mcp on npm · bytario SDK on npm

Versioning

All endpoints live under /v1/. Breaking changes get a new major version path; non-breaking additions go straight to /v1/. Old versions stay live for at least 12 months after a deprecation announcement.

Support

Questions, bug reports, or feature requests: support@bytario.com. Scale and Business customers receive higher and highest priority email support respectively.