Skip to main content

Authentication

The YODI API uses API key authentication to secure access to our services.

Obtain your API keyโ€‹

  1. Sign in to your YODI dashboard
  2. Navigate to "API Settings"
  3. Click "Generate a new key"
  4. Copy and store your key securely
Security
  • Never share your API key
  • Do not embed it in client-side code
  • Use environment variables
  • Regenerate it if it is compromised

Using the API keyโ€‹

Authorization headerโ€‹

Include your API key in the Authorization header of each request:

Authorization: Bearer your_api_key_here

cURL exampleโ€‹

curl -X POST "https://api.yodi.tg/v1/chat/completions" \
-H "Authorization: Bearer your_api_key_here" \
-H "Content-Type: application/json" \
-d '{
"model": "yodi-1",
"messages": [
{"role": "user", "content": "Hello!"}
]
}'

Python exampleโ€‹

import requests

headers = {
'Authorization': 'Bearer your_api_key_here',
'Content-Type': 'application/json'
}

data = {
'model': 'yodi-1',
'messages': [
{'role': 'user', 'content': 'Hello!'}
]
}

response = requests.post(
'https://api.yodi.tg/v1/chat/completions',
headers=headers,
json=data
)

JavaScript exampleโ€‹

const response = await fetch('https://api.yodi.tg/v1/chat/completions', {
method: 'POST',
headers: {
'Authorization': 'Bearer your_api_key_here',
'Content-Type': 'application/json'
},
body: JSON.stringify({
model: 'yodi-1',
messages: [
{ role: 'user', content: 'Hello!' }
]
})
});

SDK configurationโ€‹

Python SDKโ€‹

from yodi import Client

# Method 1: Direct
client = Client(api_key="your_api_key_here")

# Method 2: Environment variable (recommended)
import os
client = Client(api_key=os.getenv("YODI_API_KEY"))

# Method 3: Automatic configuration
# The SDK will automatically look for YODI_API_KEY in the environment
client = Client()

JavaScript SDKโ€‹

import { YodiClient } from 'yodi-sdk';

// Method 1: Direct
const client = new YodiClient({
apiKey: 'your_api_key_here'
});

// Method 2: Environment variable (recommended)
const client = new YodiClient({
apiKey: process.env.YODI_API_KEY
});

// Method 3: Automatic configuration
const client = new YodiClient(); // Uses process.env.YODI_API_KEY

Environment variablesโ€‹

.env fileโ€‹

Create a .env file at the root of your project:

YODI_API_KEY=your_api_key_here
YODI_BASE_URL=https://api.yodi.tg/v1

System configurationโ€‹

Linux/macOSโ€‹

export YODI_API_KEY="your_api_key_here"
export YODI_BASE_URL="https://api.yodi.tg/v1"

Windows PowerShellโ€‹

$env:YODI_API_KEY="your_api_key_here"
$env:YODI_BASE_URL="https://api.yodi.tg/v1"

Windows Command Promptโ€‹

set YODI_API_KEY=your_api_key_here
set YODI_BASE_URL=https://api.yodi.tg/v1

Authentication errorsโ€‹

Common error codesโ€‹

CodeDescriptionSolution
401Missing or invalid API keyCheck your API key
403Access deniedCheck your key permissions
429Rate limit exceededSee Rate limits

Error response examplesโ€‹

{
"message": "INVALID_API_KEY",
"error": true,
"data": null,
"status": 401
}

Error handlingโ€‹

try:
response = client.chat.completions.create(
model="yodi-1",
messages=[{"role": "user", "content": "Hello"}]
)
except Exception as e:
if "401" in str(e):
print("Authentication error - check your API key")
elif "403" in str(e):
print("Access denied - insufficient permissions")
elif "429" in str(e):
print("Rate limit exceeded - please wait and retry")
else:
print(f"Error: {e}")

Key rotationโ€‹

Best practicesโ€‹

  1. Regular rotation: Change your keys every 90 days
  2. Multiple keys: Use different keys for different environments
  3. Monitoring: Monitor key usage
  4. Revocation: Revoke compromised keys immediately

Rotation processโ€‹

  1. Generate a new API key
  2. Test it in a development environment
  3. Roll it out gradually to production
  4. Revoke the old key after full migration

Advanced securityโ€‹

IP restrictions (Enterprise)โ€‹

# Configure allowed IPs
curl -X POST "https://api.yodi.tg/v1/api-keys/restrictions" \
-H "Authorization: Bearer your_api_key_here" \
-d '{
"allowed_ips": ["192.168.1.0/24", "10.0.0.1"]
}'

Scopes and permissionsโ€‹

API keys may have different access levels:

  • read: Read-only (models, usage)
  • write: Full API usage
  • admin: Manage keys and settings

Audit and loggingโ€‹

Track your API key usage in the dashboard:

  • Number of requests
  • Endpoints used
  • Errors and failed attempts
  • Request geolocation

Next stepsโ€‹