Skip to main content

Overview

Anannas uses Bearer token authentication via the Authorization header. All API requests require a valid API key.

API Keys

API keys are generated in the Anannas dashboard. Each key is associated with:
  • User account and organization
  • Credit limits and billing
  • Rate limits based on tier
  • Usage tracking and analytics

Authentication Header

Include your API key in the Authorization header: 
Authorization: Bearer <ANANNAS_API_KEY>

Example

import requests

response = requests.post(
  "https://api.anannas.ai/v1/chat/completions",
  headers={
    "Authorization": "Bearer sk-...",
    "Content-Type": "application/json",
  },
  json={
    "model": "openai/gpt-5-mini",
    "messages": [{"role": "user", "content": "Hello"}]
  }
)

Security Best Practices

Store Keys Securely

Never commit API keys to version control. Use environment variables: 
import os
api_key = os.getenv("ANANNAS_API_KEY")

const apiKey = process.env.ANANNAS_API_KEY;

export ANANNAS_API_KEY="sk-..."
curl -H "Authorization: Bearer $ANANNAS_API_KEY" ...

Key Rotation

If a key is compromised:
  1. Immediately revoke the key in the dashboard
  2. Generate a new key
  3. Update your application configuration
  4. Monitor for unauthorized usage

Key Scope

API keys have full access to:
  • All models available to your account
  • Credit balance and billing
  • Usage analytics
  • Rate limit quotas
Restrict key access at the application level if needed.

Error Responses

401 Unauthorized

Invalid or missing API key: 
{
  "error": {
    "message": "Authentication required",
    "type": "authentication_error"
  }
}
Common causes:
  • Missing Authorization header
  • Invalid key format
  • Revoked or expired key
  • Key not associated with active account

402 Payment Required

Insufficient credits: 
{
  "error": {
    "message": "Insufficient credits",
    "type": "insufficient_quota_error"
  }
}

Multiple Keys

You can create multiple API keys for:
  • Different environments (development, staging, production)
  • Different applications or services
  • Team members with separate usage tracking
Each key maintains independent usage statistics.

Key Management

Manage keys in the dashboard:
  • Create new keys
  • Revoke existing keys
  • View key usage and statistics
  • Set key-specific rate limits (if supported)

Testing Authentication

Verify your API key: 
curl https://api.anannas.ai/v1/models \
  -H "Authorization: Bearer $ANANNAS_API_KEY"
A successful response confirms authentication is working.