API Authentication
Secure authentication for the Inspira API using API keys and secrets.
Overview
The Inspira API uses API key authentication to secure endpoints. All API requests must include valid authentication credentials in the request headers.
Authentication Methods
Bearer Token Authentication
The primary authentication method uses Bearer tokens in the Authorization header:
http
Authorization: Bearer inspira_your_api_key_hereCreating API Keys
Login to Dashboard
- Navigate to app.inspirahub.net
- Click on "Developer" in the main navigation
Generate New Key
- Go to the "API Keys" tab
- Click "Create New API Key" button
- Enter a descriptive name for your key
- Save the generated API key and secret securely
Key Format
- API keys follow the format:
inspira_xxxxxxxxxxxxx - Keys are 32 characters long (excluding prefix)
- Case-sensitive
- API keys follow the format:
Security Best Practices
Key Storage
- Never expose keys in client-side code
- Store keys in environment variables
- Use server-side proxy for web applications
- Rotate keys regularly
Environment Variables
bash
# .env file
INSPIRA_API_KEY=inspira_your_api_key_hereServer-Side Usage
javascript
// Node.js example
const apiKey = process.env.INSPIRA_API_KEY;
const response = await fetch('https://app.inspirahub.net/api/rest/chat', {
method: 'POST',
headers: {
'Authorization': `Bearer ${apiKey}`,
'Content-Type': 'application/json'
},
body: JSON.stringify(data)
});API Key Management
Key Properties
| Property | Description |
|---|---|
| Name | User-defined identifier for the key |
| Key | The actual API key string |
| Created | Timestamp of key creation |
| Last Used | Last time the key was used |
| Status | Active or Revoked |
Key Actions
- View: See key details (key value is masked)
- Rename: Update the key's descriptive name
- Revoke: Permanently disable the key
- Delete: Remove the key from your account
Rate Limiting
Each API key has rate limits:
- Default: 100 requests per minute
- Pro: 1000 requests per minute
- Enterprise: Custom limits
Rate limit information is returned in response headers:
http
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1703001600Error Responses
Invalid Authentication
json
{
"error": "Invalid API key",
"code": "INVALID_API_KEY",
"status": 401
}Missing Authentication
json
{
"error": "Missing API key",
"code": "MISSING_API_KEY",
"status": 401
}Revoked Key
json
{
"error": "API key has been revoked",
"code": "REVOKED_API_KEY",
"status": 401
}Testing Authentication
Test Endpoint
bash
curl -X GET https://app.inspirahub.net/api/rest/test \
-H "Authorization: Bearer inspira_your_api_key_here"Expected Response
json
{
"success": true,
"message": "Test endpoint is working!",
"timestamp": "2025-01-06T12:00:00.000Z",
"creditsUsed": 10,
"walletId": "0x...",
"endpoint": "/api/rest/test"
}Webhook Authentication
For webhook endpoints, include your API key in the webhook URL:
https://app.inspirahub.net/api/webhooks/callback?key=inspira_your_api_key_hereSDK Authentication
JavaScript/TypeScript
javascript
import { InspiraClient } from '@inspirahub/sdk';
const client = new InspiraClient({
apiKey: process.env.INSPIRA_API_KEY
});Python
python
from inspira import InspiraClient
client = InspiraClient(
api_key=os.environ.get('INSPIRA_API_KEY')
)Multi-Environment Setup
Development vs Production
javascript
const apiKey = process.env.NODE_ENV === 'production'
? process.env.INSPIRA_PROD_KEY
: process.env.INSPIRA_DEV_KEY;Key Scoping
- Create separate keys for different environments
- Use descriptive names: "Production API", "Development API", "Testing API"
- Monitor usage per key
Troubleshooting
Common Issues
"Invalid API Key" Error
- Verify key is copied correctly
- Check for extra spaces or characters
- Ensure key hasn't been revoked
"Rate Limit Exceeded"
- Check rate limit headers
- Implement exponential backoff
- Consider upgrading plan
"Insufficient Credits"
- Check credit balance in dashboard
- Purchase additional credits
- Monitor credit usage
Debug Headers
Include debug header for detailed error info:
http
X-Debug-Mode: true