Authentication
API authentication requirements and header formats for Kodey API
All API requests require authentication via the x-api-key header.
Header Format
x-api-key: <your_api_key>
or
X-Api-Key: <your_api_key>
Supported Key Types
Kodey API accepts three types of API keys:
| Key Type | Prefix | Use Case |
|---|---|---|
| Publishable Key | pk_live_ | Client-side chat integrations |
| Team Secret Key | sk_live_ | Server-side team operations |
| User Secret Key | usk_live_ | Multi-team management & admin operations |
See API Key Types for detailed permissions.
Example Requests
Using Team Secret Key
GET /chat HTTP/1.1
Host: pooled.api.kodey.ai
x-api-key: sk_live_7Xk9mNpQ2rStUvWxYz3aBcDeFgHjKm
Content-Type: application/json
Using User Secret Key
User secret keys work across all teams where you are an OWNER or ADMIN. Pass the team ID in the URL path:
GET /team/team_abc123/agents HTTP/1.1
Host: pooled.api.kodey.ai
x-api-key: usk_live_7Xk9mNpQ2rStUvWxYz3aBcDeFgHjKm
Content-Type: application/json
Note:
User secret keys provide root access across multiple teams. They can perform all operations that team secret keys can, plus team management operations like creating teams, inviting members, and managing billing.