Authentication
Aqta uses API keys for authentication. All API requests must include your API key in the request headers.
Getting Your API Key
1. Sign Up
Visit app.aqta.ai and create an account:
-
OAuth Signup (Recommended): Sign up with Google or Microsoft
- No credit card required
- Instant API key generation
- Start using immediately
-
Email Signup: Sign up with email and password
- Credit card required for verification (€0 charge)
- API key generated after payment verification
2. Navigate to API Keys
Once logged in:
- Click on Settings in the sidebar
- Navigate to API Keys
- Click Generate New Key
3. Copy Your API Key
Your API key will look like:
sk-aqta-1234567890abcdef1234567890abcdef
⚠️ Keep your API key secure! Never commit it to version control or share it publicly.
Using Your API Key
OpenAI SDK (Python)
import openai # Configure Aqta as your API base openai.api_base = "https://api.aqta.ai/v1" openai.api_key = "sk-aqta-your-key-here" # Use as normal response = openai.ChatCompletion.create( model="gpt-4", messages=[ {"role": "user", "content": "Hello!"} ] ) print(response.choices[0].message.content)
OpenAI SDK (JavaScript)
import OpenAI from 'openai'; const openai = new OpenAI({ baseURL: 'https://api.aqta.ai/v1', apiKey: 'sk-aqta-your-key-here', }); const response = await openai.chat.completions.create({ model: 'gpt-4', messages: [ { role: 'user', content: 'Hello!' } ], }); console.log(response.choices[0].message.content);
cURL
curl https://api.aqta.ai/v1/chat/completions \ -H "Content-Type: application/json" \ -H "Authorisation: Bearer sk-aqta-your-key-here" \ -d '{ "model": "gpt-4", "messages": [ {"role": "user", "content": "Hello!"} ] }'
API Key Management
Rotating Keys
For security, rotate your API keys regularly:
- Generate a new API key
- Update your applications to use the new key
- Delete the old key once migration is complete
Multiple Keys
You can create multiple API keys for different environments:
- Development:
sk-aqta-dev-... - Staging:
sk-aqta-staging-... - Production:
sk-aqta-prod-...
This allows you to:
- Track usage per environment
- Rotate keys without downtime
- Revoke access to specific environments
Revoking Keys
To revoke an API key:
- Navigate to Settings → API Keys
- Click the Delete button next to the key
- Confirm deletion
⚠️ Warning: Revoking a key will immediately stop all requests using that key.
Rate Limits
Rate limits vary by tier:
| Tier | Requests/Month | Rate Limit |
|---|---|---|
| Free | 500 | 5/min |
| Starter | 100,000 | 100/min |
| Pro | 1,000,000 | 1,000/min |
| Healthcare | 1,000,000 | 1,000/min |
See Rate limits for details.
Error Codes
401 Unauthorised
{ "error": { "message": "Invalid API key", "type": "invalid_request_error", "code": "invalid_api_key" } }
Solution: Check that your API key is correct and hasn't been revoked.
429 Too Many Requests
{ "error": { "message": "Rate limit exceeded", "type": "rate_limit_error", "code": "rate_limit_exceeded" } }
Solution: Reduce your request rate or upgrade your tier.
Security Best Practices
1. Never Commit API Keys
Add .env to your .gitignore:
# .gitignore .env .env.local *.env
2. Use Environment Variables
import os from dotenv import load_dotenv load_dotenv() openai.api_key = os.getenv("AQTA_API_KEY")
3. Rotate Keys Regularly
Rotate your API keys every 90 days or when:
- An employee leaves
- A key may have been compromised
- Moving to production
4. Use Different Keys Per Environment
Never use production keys in development or staging.
Next Steps
- API Endpoints - Available endpoints
- Rate Limits - Rate limit details
- Quick Start Guide - Get started in 5 minutes
Questions? Contact us at hello@aqta.ai