Authentication
Trunkate AI uses standard Bearer Token authentication strategies.
The Authorization Header
For every request to the HTTP API, you must include the Authorization header with your API key.
POST /v1/optimize HTTP/1.1
Host: api.trunkate.ai
Authorization: Bearer tk_live_...
Content-Type: application/jsonSecurity Best Practices
IMPORTANT
Key Rotation: You can rotate your keys at any time via the Dashboard. Old keys will remain active for 60 minutes to allow for zero-downtime migration.
- Environment Variables: Always store keys in
process.env. - Server-Side Only: Never use your Secret Key (
tk_live_) in a client-side application (React, iOS, Android).
Rate Limiting
Your API key rate limit is determined by your account plan.
| Plan | Capabilities | Rate Limit |
|---|---|---|
| Developer | Basic Optimization | 60 req/min |
| Pro | Advanced Heuristics, Priority Queue | 1,000 req/min |
| Enterprise | Custom SLA, Dedicated Infrastructure | Unlimited |
Last updated on