Overview
Every API request needs an API key in theAuthorization header. Get your key from the dashboard, add it to requests as a Bearer token, start building.
Getting Your API Key
- Sign up or log in at babou.ai
- Navigate to your Dashboard
- Go to Settings → API Keys
- Click Create New API Key
- Copy your key immediately (it won’t be shown again)
API keys follow the format:
sk-bab-[random-string]Making Authenticated Requests
Include your API key in theAuthorization header of every request:
Examples
API Key Management
Security Best Practices
Store keys in environment variables
Store keys in environment variables
Never hardcode API keys in your source code. Use environment variables:Or use a
.env file (and add it to .gitignore):Rotate keys regularly
Rotate keys regularly
Create new API keys periodically and delete old ones from your dashboard to maintain security.
Use separate keys for different environments
Use separate keys for different environments
Create different API keys for development, staging, and production environments to isolate access.
Monitor key usage
Monitor key usage
Check your dashboard regularly for unexpected API usage that might indicate a compromised key.
Key Expiration
API keys can have expiration dates. You’ll receive a401 Unauthorized error if your key has expired:
Authentication Errors
Common Error Responses
Invalid or missing API key
API key doesn’t match expected format (
sk-bab-*)The API key has expired