Authentication
Authenticate OptimAI Search API requests with an API key.
Create or manage API keys at search.optimai.network/api-keys.
Send API keys in the X-API-Key header.
X-API-Key: sk-...Server-side only
Keep keys on your server. Browser clients should call your backend, and your backend should call OptimAI Search.
await fetch("https://api-onchain.optimai.network/v1/search", {
method: "POST",
headers: {
"X-API-Key": process.env.OPTIMAI_API_KEY ?? "",
"Content-Type": "application/json",
},
body: JSON.stringify({ query: "What is OptimAI Search?", limit: 3 }),
})Rotation
Rotate keys when a team member leaves, a key is exposed, or an application boundary changes.
Common mistakes
- Sending
Authorization: Bearer ...instead ofX-API-Key. - Reading the key from a client-side
NEXT_PUBLIC_orVITE_variable. - Forgetting to set the key in the production runtime after local testing.