Skip to main content
Use this reference when you need to send authenticated requests or decide how to store and rotate keys. Phaseo Gateway uses bearer tokens. Every API request must include a valid key from your workspace.

Key types

  • Gateway API keys call model, provider, and generation endpoints available to your workspace.
  • Management API keys call administration APIs. See Management API Keys.
  • Rotated keys can be created at any time, then swapped into your app before the old key is removed.
Keys follow the format phaseo_v1_sk_<kid>_<secret>. Treat them like passwords and avoid storing them in client-side code or public repositories.
You can call :free models without depositing credits. Paid models require available wallet balance.

Header format

Include the key in the Authorization header on every request:
Authorization: Bearer phaseo_v1_sk_<kid>_<secret>
Most HTTP clients let you set this once on the client. For example, with fetch:
const response = await fetch("https://api.phaseo.ai/v1/chat/completions", {
	method: "POST",
	headers: {
		Authorization: `Bearer ${process.env.PHASEO_API_KEY}`,
		"Content-Type": "application/json",
	},
	body: JSON.stringify({
		model: "gpt-5-nano-2025-08-07",
		messages: [
			{ role: "system", content: "You are a helpful assistant." },
			{
				role: "user",
				content: "Summarize the drawbacks to AI.",
			},
		],
	}),
});

Key handling checklist

PracticeWhy it matters
Use one key per appMakes it easy to rotate without affecting other services.
Store keys securelySecrets managers prevent accidental exposure in logs or error tracking.
Monitor usageThe dashboard shows per-key metrics so you can detect anomalies quickly.
Remove unused keysDeleting stale keys reduces the surface area for potential abuse.

Common authentication errors

  • 401 Unauthorized: the key is missing, invalid, or belongs to a disabled workspace.
  • 403 Forbidden: the key exists but cannot access the requested provider or model.
  • 429 Too Many Requests: the key or workspace exceeded a limit. See Rate limits.
  • 5xx errors: retry with exponential backoff and contact support if the issue persists.
Last modified on July 9, 2026