Pixieset · Authentication Profile

Pixieset Authentication

Authentication

Pixieset secures its APIs with apiKey across 1 declared security scheme, as derived from its OpenAPI definitions.

PhotographyClient GalleriesStudio ManagementCRMBookingInvoicingContractsNo Public API
Methods: apiKey Schemes: 1 OAuth flows: API key in: cookie

Security Schemes

sessionCookie apiKey
· in: cookie (session_cookie)

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/pixieset-openapi.yml
summary:
  types:
  - apiKey
  api_key_in:
  - cookie
schemes:
- name: sessionCookie
  type: apiKey
  in: cookie
  parameter: session_cookie
  description: Session cookie issued by the Pixieset web login flow (studio.pixieset.com/login
    or galleries.pixieset.com/login). This is the internal web-app session mechanism, not a
    published API-key or OAuth developer credential - Pixieset does not offer either for third-party
    use. Write operations additionally require an X-CSRF-Token header per the reverse-engineered
    documentation.
  sources:
  - openapi/pixieset-openapi.yml