Verify webhook signatures
Each webhook carries an X-MGW-Signature header: HMAC-SHA256 of the raw body using your per-account secret. Recompute it on your side and compare in constant time before trusting the payload.
When you're generating mockups for every SKU or design drop, the editor isn't the bottleneck — the manual steps are. Here's how to wire mockup rendering into your own pipeline over the API.
Generate a named, revocable API key on the API Keys page. Authenticate every request with an Authorization: Bearer header.
POST to /api/v1/renders with a template id and a design (file, design_url, or stored asset id). The finished image returns in about a second.
For heavier jobs, POST to /api/v1/render-jobs with a webhook_url. The render runs server-side and POSTs an HMAC-SHA256-signed payload on completion — no polling.
Submit a bulk job describing designs × templates × colors. It renders the whole matrix server-side, can be stopped anytime, and returns a zip — billing only for renders produced.
Each webhook carries an X-MGW-Signature header: HMAC-SHA256 of the raw body using your per-account secret. Recompute it on your side and compare in constant time before trusting the payload.
Upload reusable artwork once to your design library and reference it by asset id in every render. Repeated jobs never re-transfer the bytes, which keeps high-volume pipelines fast.
Yes — /api/docs serves a live OpenAPI reference with try-it-out for every endpoint.
No. Failed renders are never billed, and stopping a bulk job bills only the renders that completed.
Free plan, no credit card, no watermarks — your first mockup in about a minute.