All API requests (except listing providers) require authentication via a Bearer token.
API keys
Create API keys from the dashboard. Keys are prefixed with sr_live_ and are shown only once at creation.
Authorization: Bearer sr_live_your_key_here
Store your API key securely. Do not commit it to version control or expose it in client-side code.
Rate limits
Each API key is limited to 60 requests per minute. When exceeded, the API returns 429 Too Many Requests with a Retry-After header.
Response headers on every request:
| Header | Description |
|---|
X-RateLimit-Limit | Maximum requests per window |
X-RateLimit-Remaining | Requests remaining in current window |
X-RateLimit-Reset | Unix timestamp when the window resets |
Per-key credit limits
You can set optional spending limits on individual API keys. This is useful when distributing keys to team members or applications.
Limits are configured per key in the dashboard with a period of hour, day, week, or month. When the limit is reached, requests return 429 with a message indicating the credit limit was exceeded.
Public endpoints
The following endpoints do not require authentication:
GET /v1/providers — List all providersGET /v1/providers/:id — Get provider details
