All API requests require authentication using a Bearer token.
API Keys
API keys are prefixed with ak_ and can be created in your dashboard.
Keep your API key secret. Do not share it or commit it to version control.
Use your API key
Include your API key in the Authorization header:
curl https://api.auriko.ai/v1/chat/completions \
-H "Authorization: Bearer $AURIKO_API_KEY" \
-H "Content-Type: application/json" \
-d '{"model": "gpt-4o", "messages": [{"role": "user", "content": "Hello"}]}'
SDK Authentication
import os
from auriko import Client
# Option 1: Pass via environment variable (recommended)
client = Client(
api_key=os.environ["AURIKO_API_KEY"],
base_url="https://api.auriko.ai/v1"
)
# Option 2: Auto-detect from AURIKO_API_KEY env var
client = Client(base_url="https://api.auriko.ai/v1")
Environment Variables
Set your API key as an environment variable for security:
export AURIKO_API_KEY=ak_your_api_key_here
from auriko import Client
client = Client(base_url="https://api.auriko.ai/v1")
Error Responses
| Status | Code | Description |
|---|
| 401 | invalid_api_key | API key is invalid or missing |
{
"error": {
"message": "Invalid API key provided",
"type": "invalid_request_error",
"code": "invalid_api_key"
}
}
Session authentication
Management API endpoints use session tokens for authentication. Workspace and budget read endpoints also accept API keys.
The dashboard handles session authentication automatically. For programmatic access, use the returned access_token from your sign-in flow as a Bearer token:
curl https://api.auriko.ai/v1/workspaces \
-H "Authorization: Bearer $SESSION_JWT"
Authentication summary
| Category | Auth method | Token prefix |
|---|
Inference (/v1/chat/completions, /v1/models, /v1/me) | API key | ak_ |
Discovery (/v1/registry/*, /v1/directory/*) | None required | — |
| Workspace & budget reads | API key or Session token | ak_ / JWT |
| All other management | Session token | JWT |
