Skip to main content

Overview

CyrionAI uses API key authentication for all requests. Your API key serves as your identity and determines your access level and rate limits.

Getting Your API Key

  1. Email [email protected] with proof of your organization’s status
  2. Provide documentation showing you’re a 501(c)(3) nonprofit, government entity, school, library, etc.
  3. Receive your API key upon approval
API keys are generated automatically when your account is approved. You can regenerate your key at any time from your dashboard.

Using Your API Key

Include your API key in the Authorization header of all requests: 
Authorization: Bearer your-api-key-here

Example Request

curl https://api.cyrionlabs.com/v1/chat/completions \
  -H "Authorization: Bearer sk-1234567890abcdef" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4o-mini",
    "messages": [
      {"role": "user", "content": "Hello!"}
    ]
  }'

SDK Authentication

Python

import openai

client = openai.OpenAI(
    api_key="sk-1234567890abcdef",
    base_url="https://ai.cyrionlabs.org/v1"
)

Node.js

import OpenAI from 'openai';

const client = new OpenAI({
    apiKey: 'sk-1234567890abcdef',
    baseURL: 'https://ai.cyrionlabs.org/v1'
});

Environment Variables

For security, store your API key in environment variables: 
# .env file
CYRIONAI_API_KEY=sk-1234567890abcdef

# Python
import os
import openai

client = openai.OpenAI(
    api_key=os.getenv('CYRIONAI_API_KEY'),
    base_url="https://ai.cyrionlabs.org/v1"
)

// Node.js
import OpenAI from 'openai';

const client = new OpenAI({
    apiKey: process.env.CYRIONAI_API_KEY,
    baseURL: 'https://ai.cyrionlabs.org/v1'
});

Security Best Practices

Never expose your API key in client-side code, public repositories, or logs.

Do’s ✅

  • Store API keys in environment variables
  • Use secure secret management systems
  • Rotate keys regularly
  • Monitor API usage for unusual activity
  • Use different keys for different environments (dev/staging/prod)

Don’ts ❌

  • Commit API keys to version control
  • Share keys in public forums or chat
  • Include keys in client-side JavaScript
  • Use the same key across multiple applications
  • Log API keys in application logs

API Key Management

Regenerating Your Key

If you suspect your API key has been compromised:
  1. Go to your dashboard
  2. Navigate to API Keys section
  3. Click “Regenerate Key”
  4. Update your applications with the new key
Regenerating your key will immediately invalidate the old key. Make sure to update all applications before regenerating.

Key Permissions

API keys have the following permissions:
  • Read access to your account information
  • Write access to create completions, images, videos, and transcriptions
  • Admin access (if granted) to manage users and grants

Rate Limits

Your API key determines your rate limits:
EndpointRate Limit
Chat Completions100 requests/minute
Image Generation20 requests/minute
Video Generation10 requests/minute
Audio Transcription50 requests/minute
Rate limits are per API key. Contact us if you need higher limits for your use case.

Error Responses

Invalid API Key (401)

{
  "error": {
    "message": "Invalid API key",
    "type": "invalid_request_error",
    "code": "invalid_api_key"
  }
}

Missing API Key (401)

{
  "error": {
    "message": "No API key provided",
    "type": "invalid_request_error",
    "code": "missing_api_key"
  }
}

Rate Limit Exceeded (429)

{
  "error": {
    "message": "Rate limit exceeded",
    "type": "rate_limit_error",
    "code": "rate_limit_exceeded"
  }
}

Testing Your Authentication

You can test your API key by making a simple request to the models endpoint: 
curl https://ai.cyrionlabs.org/v1/models \
  -H "Authorization: Bearer your-api-key"
If successful, you’ll receive a list of available models. If there’s an authentication issue, you’ll get an error response.

Need Help?

If you’re having trouble with authentication:
  • Check that your API key is correct and not expired
  • Ensure you’re using the correct header format (Bearer your-key)
  • Verify your account is active and not suspended
  • Contact support for assistance