Skip to main content

API Key Authentication

All endpoints (except /health) require authentication via API key.

Using the SDK (Zero-config)

Set your API key as an environment variable and use the static Instance methods:

Using the Client

Pass your API key explicitly when creating a client:

Environment Variables

You can also set your API key as an environment variable:
Then initialize the client without explicitly passing the key:

Direct API Requests

If you’re making direct API requests without the SDK, include your API key in the Authorization header:

X-API-Key Header (Alternative)

Base URL

The default API base URL is:
You can override this when initializing the client:

Security Best Practices

Never commit API keys to version control. Always use environment variables or secure secret management.
  • Store API keys in environment variables
  • Use different keys for development and production
  • Rotate keys regularly
  • Never expose keys in client-side code
  • Use secret management services (AWS Secrets Manager, HashiCorp Vault, etc.)