Every request to the Deepshi API is authenticated with an API key sent as a bearer token.
API keys
You create and manage keys from your Deepshi dashboard. A key:
- Is shown only once, at creation. Store it immediately, because Deepshi can’t show it to you again.
- Does not expire. It stays valid until you rotate, revoke, or delete it.
Your key is a secret. Keep it server-side, load it from an environment
variable, and never ship it in browser or mobile client code. If a key leaks,
rotate or delete it from the dashboard right away.
Authenticating requests
Send the key in the Authorization header as a bearer token:
Authorization: Bearer YOUR_DEEPSHI_API_KEY
curl https://api.deepshi.ai/v1/chat/completions \
-H "Authorization: Bearer $DEEPSHI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"model": "deepshi-3.0", "messages": [{"role": "user", "content": "Hi"}]}'
DEEPSHI_API_KEY in your environment. Set it with:
export DEEPSHI_API_KEY="YOUR_DEEPSHI_API_KEY"
Rotating and revoking keys
From the dashboard you can:
- Rotate a key to issue a new value and immediately invalidate the old one. Use this if a key may be compromised.
- Revoke a key to disable it without deleting it. Requests with a revoked key return
403.
- Delete a key to remove it permanently.
Authentication errors
| Status | Meaning | What to do |
|---|
401 Unauthorized | Missing, malformed, or unknown key | Check the Authorization header and that the key is correct. |
403 Forbidden | Key was revoked or inactive | Use an active key. |
402 Payment Required | Out of credits | Top up your balance. |
