Skip to content

Authentication

Every API request must be authenticated with an Inferel API key.

Keys are created in the console under API Keys. Each key belongs to your organization; you can create multiple keys (for example, one per application or environment), attach per-key rate limits, and revoke keys independently.

The full key is displayed once at creation time — copy it then. Afterwards the console shows only the last four characters.

Pass the key as a Bearer token in the Authorization header:

Terminal window
curl https://inference.inferel.ai/v1/models \
-H "Authorization: Bearer $INFEREL_API_KEY"

The API also accepts the key via the x-api-key header, which is convenient for Anthropic-style clients using the /v1/messages endpoint:

Terminal window
curl https://inference.inferel.ai/v1/messages \
-H "x-api-key: $INFEREL_API_KEY" \
-H "Content-Type: application/json" \
-d '{"model": "anthropic/claude-sonnet-4.6", "max_tokens": 256, "messages": [{"role": "user", "content": "Hi"}]}'

Authorization: Bearer takes precedence if both are supplied.

  • Treat keys like passwords: never commit them to source control or expose them in client-side code. Use the INFEREL_API_KEY environment variable on servers.
  • Rotate keys by creating a new one and revoking the old one in the console.
  • Buying, selling, or transferring API keys is prohibited by the Terms of Service.
StatusMeaning
401 UnauthorizedThe key is missing, malformed, revoked, or invalid.
503 Service UnavailableAuthentication is temporarily unavailable on our side — retry with backoff; your key is fine.
{
"error": {
"message": "Invalid API key"
}
}

See Errors for the full error model.