Authentication
All requests require an Claudexia API key.
API key format
sk-aw-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxSupported auth headers
Anthropic-style requests
Use x-api-key:
bash
curl https://api.claudexia.tech/v1/messages \
-H "x-api-key: sk-aw-YOUR_KEY" \
-H "anthropic-version: 2023-06-01" \
-H "Content-Type: application/json" \
-d '{
"model": "claude-sonnet-4.5",
"max_tokens": 256,
"messages": [{"role": "user", "content": "Hi"}]
}'OpenAI-style requests
Use Authorization: Bearer:
bash
curl https://api.claudexia.tech/v1/chat/completions \
-H "Authorization: Bearer sk-aw-YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"model": "claude-sonnet-4.5",
"messages": [{"role": "user", "content": "Hi"}]
}'Both methods work on the main API. The gateway checks x-api-key first and then falls back to Authorization: Bearer.
Per-key controls
Each key can be managed from Dashboard > API Keys:
| Setting | What it does |
|---|---|
| Rate limit | Caps requests per minute for that key |
| Allowed models | Restricts which model IDs the key may call |
| Allowed IDEs | Restricts by client / user-agent |
| IP whitelist | Restricts requests to selected IPs |
| Allowed origins | Restricts browser-origin usage |
| Usage limit | Caps total spend for that key |
| Streaming | Requests stream when the client sends "stream": true; send "stream": false for non-streaming |
Security tips
- Keep separate keys for personal use, apps, and automation
- Freeze or delete unused keys
- Use model restrictions on budget-sensitive projects
- Use IP whitelist or origin restrictions when needed
- Monitor per-key usage from the dashboard