The Truffle AI API uses API keys to authenticate requests. You must include your API key in all API requests to our server.

API Keys

Authentication is performed via the x-api-key header:

x-api-key: YOUR_API_KEY

Keep your API keys secure! Do not share them in publicly accessible areas such as GitHub, client-side code, or blog posts.

Getting an API Key

To get an API key:

  1. Sign up for a Truffle AI account
  2. Navigate to the API section in your dashboard
  3. Generate a new API key

You can have multiple API keys active at once. This is useful for rotating keys or using different keys for development and production.

Using Your API Key

curl https://www.trytruffle.ai/api/v1/agents \
  -H "x-api-key: YOUR_API_KEY"

Error Handling

If authentication fails, you’ll receive a 401 Unauthorized response:

{
    "success": false,
    "error": "Invalid API key provided",
    "status": 401
}

Best Practices

Environment Variables

Store your API key in environment variables rather than hardcoding them

Key Rotation

Regularly rotate your API keys to maintain security

Separate Keys

Use different API keys for development and production environments

Access Control

Restrict API key access to only the services that need it