Authentication
Every endpoint requires an API key. Most endpoints use OpenAI-style Bearer authentication; the Claude-native and Gemini-native protocols use their own headers.
Get a Key
After logging in to the console, create a key on the API Keys page. A key looks like:
sk-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
A key is the credential for spending your account balance. Never embed it in frontend code, public repositories, or clients. If you suspect a leak, delete and recreate it in the console immediately.
Default: Bearer Token
OpenAI-compatible endpoints (/v1/chat/completions, /v1/images/*, etc.) all use:
Authorization: Bearer sk-xxxxxxxx
Claude Native: x-api-key
When using the Anthropic native protocol (POST /v1/messages), use these headers instead:
x-api-key: sk-xxxxxxxx
anthropic-version: 2023-06-01
See Claude Messages.
Gemini Native: x-goog-api-key
When using the Gemini native protocol (/v1beta paths):
x-goog-api-key: sk-xxxxxxxx
It can also be passed as the query parameter ?key=sk-xxxxxxxx. See Gemini Native.
Header Cheat Sheet
| Protocol / Path | Auth header |
|---|---|
OpenAI-compatible /v1/* | Authorization: Bearer sk-... |
Claude /v1/messages | x-api-key: sk-... |
Gemini /v1beta/* | x-goog-api-key: sk-... |
Authentication Failures
An invalid or missing key returns 401:
{
"error": {
"code": "",
"message": "Invalid token (request id: ...)",
"type": "new_api_error"
}
}