Authentication
Learn how to authenticate your API requests using API keys.
Overview
The API uses API keys for authentication. Each API key is scoped to a specific workspace and has configurable permissions.
API keys are prefixed with hk_ to make them easily identifiable.
API Keys
To create an API key:
- Log in to your account
- Navigate to Settings → API Keys
- Click Create API Key
- Enter a descriptive name (e.g., "Production", "Development")
- Select the required scopes
- Copy the generated key immediately
Important: API keys are only shown once when created. Store them securely as they cannot be retrieved later.
Using API Keys
Include your API key in the Authorization header as a Bearer token:
Authorization: Bearer hk_your_api_key_hereExample request with cURL:
curl --request GET \
--url 'https://api.lthn.ai/v1/brain/recall' \
--header 'Authorization: Bearer hk_your_api_key'Scopes
API keys can have different scopes to limit their permissions:
| Scope | Description |
|---|---|
read |
Read access to resources (GET requests) |
write |
Create and update resources (POST, PUT requests) |
delete |
Delete resources (DELETE requests) |
Security Best Practices
- Never commit API keys to version control
- Use environment variables to store keys
- Rotate keys periodically
- Use the minimum required scopes
- Revoke unused keys immediately
- Never expose keys in client-side code