Get an API key
All calls to SotsAI are authenticated using an organization API key.
API keys identify your organization (not individual users) and are used for:
- authentication
- usage tracking
- billing and quota enforcement
Where to get an API key
Section titled “Where to get an API key”API keys are created from the SotsAI Admin page.
- Log in to the SotsAI Admin page
- Go to API Keys
- Click Create API key
- Copy the key — it will only be shown once
You can create multiple keys (for example: staging vs production).
How API keys are used
Section titled “How API keys are used”API keys must be sent on every request using the X-Sotsai-Api-Key header:
X-Sotsai-Api-Key: sotsai_proxxxxxxxxxxxxxxxxxAll endpoints are prefixed with /v1.
Base URL:
https://sil-api.sotsai.co/
Example request:
POST /v1/adviceHost: sil-api.sotsai.coX-Sotsai-Api-Key: sotsai_proxxxxxxxxxxxxxxxxxContent-Type: application/jsonKey scope and permissions
Section titled “Key scope and permissions”API keys are:
- scoped to a single organization
- not user-specific
- valid until explicitly revoked
All usage, billing, and quotas are tracked per organization, not per key.
Security best practices
Section titled “Security best practices”Recommended practices:
- store keys in environment variables
- never expose keys in frontend code
- rotate keys periodically
- use separate keys for staging and production
- revoke unused or compromised keys immediately
What happens if a key is invalid?
Section titled “What happens if a key is invalid?”If a key is missing, invalid, or revoked, the API will return an authentication error.
Typical error cases:
- missing
X-Sotsai-Api-Keyheader - unknown or deleted key
- organization suspended or inactive
- quota exceeded
See API Reference → Error codes for details.
Next step
Section titled “Next step”Once you have an API key, continue with:
-
Quickstart → First API call
Make your first request to/v1/advice. -
Quickstart → First tool call
Integrate SotsAI into an LLM tool-calling workflow.