Virtual Try-On API
one endpoint, ~10s renders.
POST a user photo and a garment, get back a photorealistic AI try-on. Bearer-key auth, CORS-ready, domain-scoped keys. Build it into your store, marketplace, mobile app or POS.
50 calls included · No credit card · Cancel anytime
Use the API when the widget isn't enough.
Custom checkout flows
Show the try-on inside your own modal, mini-cart or PDP variant — no iframe, no widget UI to skin. You own the markup.
Native mobile apps
Call the same endpoint from iOS, Android or React Native. JSON in, JSON out. The widget version is browser-only — the API is for everywhere else.
Marketplaces and B2B
Per-seller API keys via your own dashboard. Front the API behind your authenticated routes — your sellers never see the Agalaz key.
Quick start in 3 steps
Get an API key
Sign up at /partners. Register the domain you will call the API from. The dashboard shows your key —agz_live_...— copy it once and store it as a server-side env var.
Make your first call
cURL (works from any shell):
curl https://agalaz.com/api/v1/tryon \
-X POST \
-H "Authorization: Bearer agz_live_YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"userImage": "<base64-encoded user photo>",
"garmentUrl": "https://yourstore.com/img/red-dress.jpg"
}'Render the result
The response body is JSON: { image: "data:image/png;base64,..." }. Drop the data URL into an <img> src or an Image component and you're done.
Endpoint reference
One endpoint. One auth header. JSON in, JSON out.
/api/v1/tryonGenerates a photorealistic try-on image of the user wearing the supplied garment.
Headers
| Header | Value |
|---|---|
| Authorization | Bearer agz_live_… (required) |
| Content-Type | application/json |
Body parameters
| Field | Type | Required | Description |
|---|---|---|---|
| userImage | string | Yes | Base64-encoded photo of the customer. Min ~500×500 px, max 10 MB. |
| garmentUrl | string | One of | Public HTTPS URL of the product image. Agalaz fetches it server-side. |
| clothingImage | string | One of | Base64-encoded product image (alternative to garmentUrl). |
| currentSize | string | No | Customer's usual size (XS / S / M / L / XL …) for fit modeling. |
| previewSize | string | No | Size to preview (overrides currentSize) — show the same garment one size up/down. |
JavaScript example
// Browser or Node 18+
const userImage = await fileToBase64(file); // your helper
const res = await fetch("https://agalaz.com/api/v1/tryon", {
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.AGALAZ_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({
userImage,
garmentUrl: "https://yourstore.com/img/red-dress.jpg",
}),
});
const data = await res.json();
// data.image is a data:image/png;base64,... stringPython example
import base64, requests
with open("user.jpg", "rb") as f:
user_image = base64.b64encode(f.read()).decode()
r = requests.post(
"https://agalaz.com/api/v1/tryon",
headers={
"Authorization": f"Bearer {AGALAZ_KEY}",
"Content-Type": "application/json",
},
json={
"userImage": user_image,
"garmentUrl": "https://yourstore.com/img/red-dress.jpg",
},
timeout=120,
)
result = r.json()
# result["image"] is a data URL with the rendered try-onStatus codes
| Code | Meaning |
|---|---|
| 200 | Render OK. Response body: { image: "data:image/png;base64,..." } |
| 400 | Bad request — missing userImage, image too small (under 500×500), or image too large (over 10 MB). |
| 401 | Missing or invalid Bearer token, or call coming from a non-allowlisted domain. |
| 402 | Quota exhausted for the current billing period. |
| 5xx | Upstream model failure or timeout (rare). Retry with exponential backoff. |
Pricing per render
Same plan covers both the API and the widget. Switch between integration styles without paying twice.
Free trial
€0
7 days · 50 calls
Starter
€150/mo
200 calls / month
Growth
€499/mo
1,000 calls / month
Developer FAQ
How do I get an API key?▼
Sign up on the Agalaz Partners page with Google, register your domain (or your test domain) and you receive an API key starting with agz_live_. Your key is scoped to the domain you registered, so it cannot be used from other origins.
What does the request body look like?▼
Send a JSON POST to /api/v1/tryon with at minimum userImage (base64). To apply a product, send clothingImage (base64) or garmentUrl (public HTTPS URL). Optional fields: currentSize, previewSize for fit modeling.
How long does a render take?▼
Average 10 seconds end-to-end. The endpoint has a 120-second timeout — even cold-start renders complete within the response window.
What are the image size limits?▼
Maximum 10 MB per image (base64-encoded). Minimum recommended resolution is 500×500 pixels — anything smaller is rejected with a 400 because the AI cannot reliably generate a believable result from low-resolution input.
Can I call it from the browser?▼
Yes. The endpoint sets CORS headers and handles OPTIONS preflight. Your API key is domain-scoped, so even if it leaks in browser code it can only be used from the domains you registered. For higher-security setups, proxy the call through your own backend.
Do you store the photos I send?▼
No. Both userImage and clothingImage are processed in memory and discarded immediately after the response is returned. Zero data retention. The only thing we log is the partner_id, request timestamp and credit deduction — never the image content.
How is rate limiting handled?▼
Each API key has a monthly render quota tied to your subscription plan (50 on the trial, 200 on Starter, 1,000 on Growth). When you hit the quota the endpoint returns 402 Payment Required with the renewal date. Upgrade or wait for the next billing cycle.
Is there an SDK?▼
Not yet — the API is intentionally tiny (one endpoint, one auth header, JSON in/out) so a thin SDK adds little value over fetch/requests. Most integrations are 20 lines of code in the host language. If you would like a published SDK in your stack, email infoagalaz@gmail.com and tell us which language.
What developers say
Quotes from partner engineering teams. Attribution anonymised at their request.
“One endpoint, one auth header, JSON in / JSON out. The API is so simple I shipped the integration in a single afternoon — no SDK needed, just fetch().”
“We use the API behind our authenticated routes for B2B sellers. Each seller gets their own domain-allowlisted key from our dashboard — clean isolation, no cross-tenant risk.”
“Domain-scoped keys mean a leaked browser key isn't catastrophic. We still proxy through our backend for higher-value flows, but the attack surface is bounded by design.”
Ready to build with the Agalaz API?
Grab a key, paste 20 lines of code, ship try-on into your product before lunch.
Get my API key