Skip to content

Authentication

All API requests require authentication using an API key.

Getting an API Key

  1. Sign up at beginswithai.com
  2. Navigate to the api key management page in your dashboard
  3. Click to generate a new API key
  4. Copy the key immediately (you won't see it again)

Tip

Free tier users can start using the API immediately after signup—no credit card required.

Using Your API Key

Include your API key in the Authorization header of every request:

Authorization: Bearer YOUR_API_KEY
Python
import requests

headers = {
    "Authorization": "Bearer YOUR_API_KEY",
    "Content-Type": "application/json"
}

response = requests.post(
    "https://app.beginswithai.com/v1/ai",
    json={"model": "gpt-5.1", "prompt": "Hello"},
    headers=headers
)
JavaScript
const headers = {
    "Authorization": "Bearer YOUR_API_KEY",
    "Content-Type": "application/json"
};

const response = await fetch("https://app.beginswithai.com/v1/ai", {
    method: "POST",
    headers: headers,
    body: JSON.stringify({
        model: "gpt-5.1",
        prompt: "Hello"
    })
});
cURL
curl -X POST https://app.beginswithai.com/v1/ai \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"model": "gpt-5.1", "prompt": "Hello"}'

Managing API Keys

Creating Keys

  • Free tier: 1 API key
  • Starter: Up to 3 API keys
  • Scale: Up to 10 API keys
  • Enterprise: Unlimited API keys

Deleting Keys

You can delete API keys at any time from beginswithai.com/api-keys.html. Deleted keys stop working immediately.

Security Best Practices

  • Never commit API keys to version control
  • Use environment variables to store keys
  • Rotate keys periodically
  • Delete unused keys
  • Use separate keys for development and production
Python
import os
import requests

API_KEY = os.getenv("BWA_API_KEY")

headers = {
    "Authorization": f"Bearer {API_KEY}",
    "Content-Type": "application/json"
}
JavaScript
const API_KEY = process.env.BWA_API_KEY;

const headers = {
    "Authorization": `Bearer ${API_KEY}`,
    "Content-Type": "application/json"
};

Authentication Errors

If authentication fails, you'll receive a 401 Unauthorized or 403 Forbidden response.

Common causes:

  • Missing Authorization header
  • Invalid API key
  • Deleted or revoked API key
  • Malformed header format

Example error response:

{
    "error": "Unauthorized",
    "message": "No valid plan found for this API key"
}

For detailed error handling strategies and retry logic, see Error Handling.

Rate Limits

Authentication is tied to your account. Rate limits apply across all your API keys.

See Rate Limits for details.