Authentication
The YODI API uses API key authentication to secure access to our services.
Obtain your API keyโ
- Sign in to your YODI dashboard
- Navigate to "API Settings"
- Click "Generate a new key"
- Copy and store your key securely
Security
- Never share your API key
- Do not embed it in client-side code
- Use environment variables
- Regenerate it if it is compromised
Using the API keyโ
Authorization headerโ
Include your API key in the Authorization header of each request:
Authorization: Bearer your_api_key_here
cURL exampleโ
curl -X POST "https://api.yodi.tg/v1/chat/completions" \
-H "Authorization: Bearer your_api_key_here" \
-H "Content-Type: application/json" \
-d '{
"model": "yodi-1",
"messages": [
{"role": "user", "content": "Hello!"}
]
}'
Python exampleโ
import requests
headers = {
'Authorization': 'Bearer your_api_key_here',
'Content-Type': 'application/json'
}
data = {
'model': 'yodi-1',
'messages': [
{'role': 'user', 'content': 'Hello!'}
]
}
response = requests.post(
'https://api.yodi.tg/v1/chat/completions',
headers=headers,
json=data
)
JavaScript exampleโ
const response = await fetch('https://api.yodi.tg/v1/chat/completions', {
method: 'POST',
headers: {
'Authorization': 'Bearer your_api_key_here',
'Content-Type': 'application/json'
},
body: JSON.stringify({
model: 'yodi-1',
messages: [
{ role: 'user', content: 'Hello!' }
]
})
});
SDK configurationโ
Python SDKโ
from yodi import Client
# Method 1: Direct
client = Client(api_key="your_api_key_here")
# Method 2: Environment variable (recommended)
import os
client = Client(api_key=os.getenv("YODI_API_KEY"))
# Method 3: Automatic configuration
# The SDK will automatically look for YODI_API_KEY in the environment
client = Client()
JavaScript SDKโ
import { YodiClient } from 'yodi-sdk';
// Method 1: Direct
const client = new YodiClient({
apiKey: 'your_api_key_here'
});
// Method 2: Environment variable (recommended)
const client = new YodiClient({
apiKey: process.env.YODI_API_KEY
});
// Method 3: Automatic configuration
const client = new YodiClient(); // Uses process.env.YODI_API_KEY
Environment variablesโ
.env fileโ
Create a .env file at the root of your project:
YODI_API_KEY=your_api_key_here
YODI_BASE_URL=https://api.yodi.tg/v1
System configurationโ
Linux/macOSโ
export YODI_API_KEY="your_api_key_here"
export YODI_BASE_URL="https://api.yodi.tg/v1"
Windows PowerShellโ
$env:YODI_API_KEY="your_api_key_here"
$env:YODI_BASE_URL="https://api.yodi.tg/v1"
Windows Command Promptโ
set YODI_API_KEY=your_api_key_here
set YODI_BASE_URL=https://api.yodi.tg/v1
Authentication errorsโ
Common error codesโ
| Code | Description | Solution |
|---|---|---|
401 | Missing or invalid API key | Check your API key |
403 | Access denied | Check your key permissions |
429 | Rate limit exceeded | See Rate limits |
Error response examplesโ
{
"message": "INVALID_API_KEY",
"error": true,
"data": null,
"status": 401
}
Error handlingโ
try:
response = client.chat.completions.create(
model="yodi-1",
messages=[{"role": "user", "content": "Hello"}]
)
except Exception as e:
if "401" in str(e):
print("Authentication error - check your API key")
elif "403" in str(e):
print("Access denied - insufficient permissions")
elif "429" in str(e):
print("Rate limit exceeded - please wait and retry")
else:
print(f"Error: {e}")
Key rotationโ
Best practicesโ
- Regular rotation: Change your keys every 90 days
- Multiple keys: Use different keys for different environments
- Monitoring: Monitor key usage
- Revocation: Revoke compromised keys immediately
Rotation processโ
- Generate a new API key
- Test it in a development environment
- Roll it out gradually to production
- Revoke the old key after full migration
Advanced securityโ
IP restrictions (Enterprise)โ
# Configure allowed IPs
curl -X POST "https://api.yodi.tg/v1/api-keys/restrictions" \
-H "Authorization: Bearer your_api_key_here" \
-d '{
"allowed_ips": ["192.168.1.0/24", "10.0.0.1"]
}'
Scopes and permissionsโ
API keys may have different access levels:
read: Read-only (models, usage)write: Full API usageadmin: Manage keys and settings
Audit and loggingโ
Track your API key usage in the dashboard:
- Number of requests
- Endpoints used
- Errors and failed attempts
- Request geolocation