Authentication

All Ridum Labs API endpoints require an API key passed as a Bearer token in the Authorization header.

Getting an API key

Sign in to your Ridum Labs account
Go to API Keys
Click Create key and copy the value shown

The full key is only displayed once at creation time. If you lose it, revoke the key and generate a new one. Each account can have up to 5 active keys.

Key format

Keys are prefixed with rl_live_ followed by 32 hexadecimal characters. Treat them like passwords — store them in environment variables or a secret manager, never in source control.

text

rl_live_a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6

Sending an authenticated request

Include your key in the Authorization header on every request:

bash

curl https://iris.ridumlabs.com/api/v1/chat \
  -H "Authorization: Bearer rl_live_YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "geo",
    "messages": [
      { "role": "user", "content": "Hello" }
    ]
  }'

Error responses

Status	Meaning	Response body
`401`	Missing or malformed Authorization header	`{ "error": "Missing API key" }`
`401`	Key is invalid, revoked, or wrong format	`{ "error": "Invalid API key" }`
`429`	Upstream model is overloaded — retry shortly	`{ "error": "..." }`
`503`	Upstream model unavailable — retry shortly	`{ "error": "..." }`

Revoking a key

Revoke a compromised or unused key on the API Keys page. Revoked keys are rejected immediately and cannot be reactivated.