AI Detection (Sightengine)

Sightengine AI detection: API credentials, rate limits, quota monitoring, and enterprise API key

Overview

Verifieddit uses Sightengine for AI-generated content detection. The API determines whether an image was likely generated by AI (DALL-E, Midjourney, Stable Diffusion, etc.) and returns a confidence score.

API Credentials

CredentialPass Store Path
API Userpass sightengine/api-user
API Secretpass sightengine/api-secret

API Usage

Direct API Call

1
2
3
4
5

curl -X POST "https://api.sightengine.com/1.0/check.json" \
  -F "url=https://example.com/image.jpg" \
  -F "models=genai" \
  -F "api_user=$(pass sightengine/api-user)" \
  -F "api_secret=$(pass sightengine/api-secret)"

Response Format

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

{
  "status": "success",
  "request": {
    "id": "req_xxxxx",
    "timestamp": 1711036800
  },
  "type": {
    "ai_generated": 0.95,
    "photo": 0.05
  },
  "media": {
    "id": "med_xxxxx",
    "uri": "https://example.com/image.jpg"
  }
}
  • ai_generated > 0.5: Likely AI-generated
  • ai_generated < 0.5: Likely real photo

Via Upload (Binary)

1
2
3
4
5

curl -X POST "https://api.sightengine.com/1.0/check.json" \
  -F "media=@/path/to/image.jpg" \
  -F "models=genai" \
  -F "api_user=$(pass sightengine/api-user)" \
  -F "api_secret=$(pass sightengine/api-secret)"

Rate Limits

Free Tier

  • 500 operations/month
  • No burst rate limit
  • All models available

Enterprise API Key

  • Higher monthly quota (check current plan)
  • Priority processing
  • Dedicated support

Monitoring Quota Usage

1

curl -s "https://api.sightengine.com/1.0/account.json?api_user=$(pass sightengine/api-user)&api_secret=$(pass sightengine/api-secret)" | jq '.'

Check the response for:

  • usage.operations_used – Operations consumed this billing period
  • usage.operations_limit – Total operations available
  • usage.reset_date – When the quota resets

Integration Points

Badges Worker (Primary)

The Cloudflare badges worker proxies AI detection requests to avoid exposing credentials to the client:

Browser -> /api/ai-detect -> Badges Worker -> api.sightengine.com

Worker secrets:

  • SIGHTENGINE_API_USER
  • SIGHTENGINE_API_SECRET

Stripe Backend (Secondary)

The stripe backend can also proxy AI detection for authenticated users:

Authenticated Client -> /ai-detect -> Stripe Backend -> api.sightengine.com

Caching Strategy

To minimize API calls and stay within quota:

  1. Hash-based deduplication: Before calling Sightengine, check if the image hash already has a cached result in D1
  2. Store results: After each API call, store the result in D1 keyed by image hash
  3. TTL: AI detection results don’t change for a given image, so cache indefinitely

D1 Cache Query

1

SELECT ai_score FROM badge_images WHERE image_url = ?;

If a result exists, skip the Sightengine API call.

Upgrading to Enterprise

If the free tier quota is exhausted:

  1. Contact Sightengine for enterprise pricing
  2. Obtain new API credentials
  3. Update pass store:
    1
2

    pass edit sightengine/api-user
pass edit sightengine/api-secret
  4. Update all consumers (see Secret Rotation SOP)

Troubleshooting

  • Empty response: Quota may be exhausted. Check usage with the account endpoint.
  • 403 Forbidden: API credentials are incorrect or expired. Verify with a direct curl test.
  • Slow responses: Sightengine may have regional latency. The API is US-hosted.
  • False positives: Some photos with heavy filters or editing may trigger AI detection. The ai_generated score is probabilistic, not definitive.