Authentication
The NeoSpace AI API uses API keys for authentication. This guide explains how to obtain and use your API keys to securely access our services.
API Keys
API keys are credentials that identify and authenticate your application when making requests to our API. Each key is linked to a specific account and has defined permissions.
Key types
We offer two types of API keys:
- Test Key: For use in development and testing environments
- Production Key: For use in production applications
Obtaining your API keys
To obtain your API keys:
- Log in to the NeoSpace Developer Portal
- Navigate to the "API Keys" section
- Click on "Create New Key"
- Select the key type and necessary permissions
- Copy and store your key securely
⚠️ Important: Your API keys are confidential credentials. Never share your keys or expose them in public source code, client applications, or Git repositories.
Using your API key
To authenticate your requests, include your API key in the Authorization header of your HTTP requests:
curl https://api.neospace.ai/v1/resource \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"
Examples in different languages
JavaScript (Node.js)
const axios = require('axios');
async function makeRequest() {
const response = await axios({
method: 'post',
url: 'https://api.neospace.ai/v1/resource',
headers: {
'Authorization': 'Bearer YOUR_API_KEY',
'Content-Type': 'application/json'
},
data: {
// request data
}
});
return response.data;
}
Python
import requests
def make_request():
headers = {
'Authorization': 'Bearer YOUR_API_KEY',
'Content-Type': 'application/json'
}
payload = {
# request data
}
response = requests.post(
'https://api.neospace.ai/v1/resource',
headers=headers,
json=payload
)
return response.json()
Java
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
public class ApiClient {
public static String makeRequest() throws Exception {
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.neospace.ai/v1/resource"))
.header("Authorization", "Bearer YOUR_API_KEY")
.header("Content-Type", "application/json")
.POST(HttpRequest.BodyPublishers.ofString("{ \"key\": \"value\" }"))
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
return response.body();
}
}
API Key Management
Key rotation
We recommend periodically rotating your API keys to enhance security:
- Create a new API key in the Developer Portal
- Update your applications to use the new key
- Verify that all systems are functioning correctly
- Revoke the old key
Key revocation
If an API key is compromised:
- Log in to the Developer Portal
- Locate the compromised key
- Click on "Revoke Key"
- Create a new key to replace it
Security best practices
To protect your API keys:
- Secure storage: Store keys in environment variables or secret vaults
- Minimal permissions: Grant only the necessary permissions for each key
- Monitoring: Monitor API usage to detect suspicious activities
- Regular rotation: Update your keys periodically
- Different keys: Use different keys for different environments
Example of secure storage in Node.js using environment variables:
// Load environment variables from a .env file
require('dotenv').config();
const apiKey = process.env.NEOSPACE_API_KEY;
// Use the key to make requests
Troubleshooting
Common authentication errors
| Code | Description | Solution |
|---|---|---|
| 401 | Invalid API key | Check that the key is correct and has not expired |
| 403 | Insufficient permissions | Check that the key has the necessary permissions |
| 429 | Rate limit exceeded | Reduce the frequency of requests or request a limit increase |
Checking key status
To check the status of your API key:
curl https://api.neospace.ai/v1/auth/verify \
-H "Authorization: Bearer YOUR_API_KEY"