Basics
Authentication
The SEDI API uses Bearer token authentication. Include your API key in the Authorization header of every request.
API keys
| Type | Prefix | Usage |
|---|---|---|
| Live | sk_live_ | Production requests |
| Test | sk_test_ | Development and testing |
Sending your key
curl https://api.sedi.dev/v1/users \
-H "Authorization: Bearer sk_live_abc123def456"const client = new SEDI('sk_live_abc123def456');from sedi import SEDI
client = SEDI(api_key="sk_live_abc123def456")client := sedi.NewClient("sk_live_abc123def456")Rate limit headers
Every response includes rate limit information:
| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum requests per minute |
X-RateLimit-Remaining | Remaining requests in current window |
X-RateLimit-Reset | Unix timestamp when the window resets |
Best practices
- Rotate keys every 90 days
- Use separate keys for development and production
- Never expose keys in client-side code
- Use environment variables or a secret manager