Get Started
Authentication
Authentication is done via the header Authorization with a bearer token.
To get an API key join the waitlist. API keys are prefixed with sk_, for example: sk_{nanoID}.
Example:
$ curl -H 'Authorization: Bearer sk_NefoODAZoyA45KsLsQu6J' 'https://api.objective.inc/v1/.../'
Passing an invalid API key results in an HTTP 401.
Example:
$ curl -v 'https://api.objective.inc/v1/indexes/idx_-bIFxdfVdtFttrf84C44s/search?query=test' \
-H 'Authorization: Bearer sk_does-not-exist'
...
< HTTP/1.1 401 Unauthorized
< Date: Thu, 09 Nov 2023 21:10:00 GMT
< Content-Type: application/json
< Content-Length: 41
< Connection: keep-alive
< www-authenticate: Basic
<
* Connection #0 to host api.objective.inc left intact
{"detail":"Incorrect or expired API key"}
API Key types
| Key type | Permissions | ID Prefix |
|---|---|---|
| Secret key | read/write | sk_ |
| Client ID | read | client_id_ |
Client IDs are read-only, and can be exposed to end users. These are useful when calling the search API from the frontend of your application.
Secret keys have read/write permissions on all APIs, and thus can be used to modify data, create and delete indexes. These should be kept secret, and should never be exposed.
Managing API keys
You can manage API keys in the “API Keys” section of the console - https://app.objective.inc/dashboard/api-keys