> ## Documentation Index
> Fetch the complete documentation index at: https://docs.tokmodel.com/llms.txt
> Use this file to discover all available pages before exploring further.

# How to authenticate requests with the TokModel API

> Learn how to authenticate API requests using your TokModel API key, and understand the error responses returned for invalid or missing credentials.

Every request to the TokModel API must include your API key in the `Authorization` header. TokModel uses the standard Bearer token scheme, which is the same format used by the OpenAI API — so if you're migrating an existing integration, your authentication code works without modification. You can create and manage API keys from the [TokModel console](https://tokmodel.com/console).

## Passing your API key

Include your API key as a Bearer token in the `Authorization` header of every request:

```http theme={null}
Authorization: Bearer YOUR_API_KEY
```

The following examples show how to authenticate a chat completions request across common clients.

<CodeGroup>
  ```bash curl theme={null}
  curl https://tokmodel.com/v1/chat/completions \
    -H "Authorization: Bearer YOUR_API_KEY" \
    -H "Content-Type: application/json" \
    -d '{
      "model": "gpt-4o-mini",
      "messages": [{"role": "user", "content": "Hello"}]
    }'
  ```

  ```python Python theme={null}
  from openai import OpenAI

  client = OpenAI(
      api_key="YOUR_API_KEY",
      base_url="https://tokmodel.com/v1",
  )

  # The SDK sets the Authorization header automatically.
  response = client.chat.completions.create(
      model="gpt-4o-mini",
      messages=[{"role": "user", "content": "Hello"}],
  )
  ```

  ```javascript Node.js theme={null}
  import OpenAI from "openai";

  const client = new OpenAI({
    apiKey: "YOUR_API_KEY",
    baseURL: "https://tokmodel.com/v1",
  });

  // The SDK sets the Authorization header automatically.
  const response = await client.chat.completions.create({
    model: "gpt-4o-mini",
    messages: [{ role: "user", content: "Hello" }],
  });
  ```
</CodeGroup>

When using the OpenAI SDK, setting `api_key` (Python) or `apiKey` (Node.js) is all you need — the SDK formats and sends the `Authorization` header on your behalf.

## Error responses

TokModel returns standard HTTP status codes when authentication fails.

### 401 Unauthorized

Returned when your API key is missing or invalid. Check that the `Authorization` header is present and that the key value is correct.

```json theme={null}
{
  "error": {
    "message": "Invalid or missing API key.",
    "type": "authentication_error",
    "code": 401
  }
}
```

### 403 Forbidden

Returned when your API key is valid but your account does not have sufficient credits to complete the request. Top up your balance from the [console](https://tokmodel.com/console) to resume making requests.

```json theme={null}
{
  "error": {
    "message": "Insufficient credits. Please top up your account balance.",
    "type": "authorization_error",
    "code": 403
  }
}
```

## Managing API keys

You can create, rename, and revoke API keys at any time from the [API keys page](https://tokmodel.com/console) in your console. Revoking a key immediately invalidates it — any requests using that key will receive a `401` response.

<Note>
  Keep your API keys private. Do not include them in client-side code, public repositories, or logs. If a key is exposed, revoke it immediately and generate a new one from the console.
</Note>
