Authentication
All API requests require a valid API key sent as a bearer token.
API Key Format
API keys start with sk_ followed by a random string. You can create and manage up to 3 active keys from the Dashboard → API Keys page.
http
Authorization: Bearer sk_your_api_key_hereUsing with cURL
bash
curl https://api.cheapaiapi.com/v1/credits \
-H "Authorization: Bearer sk_your_api_key" \
-H "Content-Type: application/json"Using with JavaScript
javascript
const res = await fetch('https://api.cheapaiapi.com/v1/credits', {
headers: {
Authorization: 'Bearer sk_your_api_key',
'Content-Type': 'application/json',
},
});
const data = await res.json();
console.log(data);Using with Python
python
import requests
response = requests.get(
"https://api.cheapaiapi.com/v1/credits",
headers={
"Authorization": "Bearer sk_your_api_key",
"Content-Type": "application/json",
},
)
print(response.json())Key Security Best Practices
- Never commit API keys to version control
- Use environment variables such as
CHEAPAI_API_KEY - Set a daily spend limit on development and staging keys
- Use expiration dates for temporary access
- Use separate keys for development and production
- Revoke any key immediately if you suspect it was exposed
Common Errors
If authentication fails, you'll typically receive a 401 Unauthorized response:
json
{
"success": false,
"error": "Invalid API key"
}If a key has expired, the response will indicate that the API key expired. If a key reaches its daily spend cap, the API may return 429.