API Keys

API keys authenticate your requests to the SolidRusT AI API. This guide covers generating, using, and managing your API keys via the PAM Console.

Getting Started

1. Create an Account

Navigate to console.solidrust.ai
Click Sign Up or Get Started
Enter your email address and create a password
Verify your email address via the confirmation link
Log in to your new account

2. Generate Your First API Key

After logging in, go to Dashboard > API Keys
Click Create New Key
Enter a descriptive name for your key (e.g., “Development”, “Production App”)
Select permissions (default: all endpoints)
Click Generate Key

3. Copy Your Key

After generation, you’ll see your key in this format:

sk-srt-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Copy the entire key including the sk-srt- prefix.

Using Your API Key

HTTP Header (Recommended)

Include your API key in the Authorization header:

curl https://api.solidrust.ai/v1/chat/completions \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer sk-srt-your-api-key-here" \
  -d '{
    "model": "vllm-primary",
    "messages": [{"role": "user", "content": "Hello!"}]
  }'

Environment Variables

Store your API key in environment variables - never hardcode it:

# Linux/macOS
export SOLIDRUST_API_KEY="sk-srt-your-api-key-here"

# Windows (PowerShell)
$env:SOLIDRUST_API_KEY = "sk-srt-your-api-key-here"

# Windows (Command Prompt)
set SOLIDRUST_API_KEY=sk-srt-your-api-key-here

SDK Configuration

Python:

import os
from openai import OpenAI

client = OpenAI(
    api_key=os.environ.get("SOLIDRUST_API_KEY"),
    base_url="https://api.solidrust.ai/v1"
)

JavaScript/TypeScript:

import OpenAI from 'openai';

const client = new OpenAI({
  apiKey: process.env.SOLIDRUST_API_KEY,
  baseURL: 'https://api.solidrust.ai/v1',
});

Managing API Keys

View Existing Keys

Go to console.solidrust.ai
Navigate to Dashboard > API Keys
View all your keys with:
- Name
- Created date
- Last used date
- Status (active/revoked)

Rotate a Key

To create a new key while deprecating an old one:

Create a new API key with a temporary name
Update your application to use the new key
Test that the new key works correctly
Revoke the old key

Revoke a Key

If a key is compromised or no longer needed:

Go to Dashboard > API Keys
Find the key you want to revoke
Click the Revoke button
Confirm the revocation

Security Best Practices

Never Commit Keys to Git

Add API keys to your .gitignore:

# Environment files
.env
.env.local
.env.*.local

# API keys
**/secrets.json
**/credentials.json

Use environment variables or secret management tools instead.

Use Different Keys per Environment

Environment	Key Name	Purpose
Development	`dev-local`	Local testing
Staging	`staging-app`	Pre-production testing
Production	`prod-app-v1`	Live application

This allows you to:

Track usage by environment
Revoke keys without affecting other environments
Apply different rate limits per environment

Implement Key Rotation

Rotate your API keys regularly:

Schedule rotation - Monthly for production keys
Automate if possible - Use CI/CD to update keys
Monitor usage - Watch for anomalies after rotation

Minimum Privilege

Request only the permissions your application needs:

Permission	Use Case
`chat:read`	Chat completions (most common)
`embeddings:read`	Embedding generation
`models:list`	List available models

Troubleshooting

401 Unauthorized

{
  "error": {
    "message": "Invalid API key provided",
    "type": "authentication_error",
    "code": "invalid_api_key"
  }
}

Solutions:

Verify the key is correct (no extra spaces or characters)
Check the key hasn’t been revoked
Ensure the Authorization: Bearer header format is correct
Verify you’re using sk-srt- prefix keys for SolidRusT API

403 Forbidden

{
  "error": {
    "message": "API key doesn't have permission for this endpoint",
    "type": "permission_error",
    "code": "insufficient_permissions"
  }
}