Skip to content

Authentication

All API requests (except /health) require an API key.

Passing Your API Key

Include your key in the x-api-key header:

curl https://api.consus.io/v1/models \
  -H "x-api-key: YOUR_API_KEY"

When using the OpenAI SDK, pass it via default_headers:

client = OpenAI(
    base_url="https://api.consus.io/v1",
    api_key="dummy",  # Required by SDK but not used
    default_headers={"x-api-key": "YOUR_API_KEY"},
)

The SDK's api_key parameter sends a Bearer token in the Authorization header. Consus Gateway uses the x-api-key header instead (managed by AWS API Gateway), so api_key can be set to any non-empty string.

Rate Limits

Each API key is assigned to a usage plan with:

Limit Default
Rate limit 100 requests/second
Burst limit 200 requests
Monthly quota 10,000 requests/month

These limits are enforced at the API Gateway level. Requests that exceed limits receive a 429 response before reaching the application.

Error Responses

Status Code Meaning
403 Forbidden Invalid or missing API key
429 Too Many Requests Rate limit or monthly quota exceeded

Error responses follow the OpenAI error format:

{
  "error": {
    "message": "Forbidden",
    "type": "invalid_request_error"
  }
}

Key Management

API keys are provisioned by your account administrator. To request a new key, rotate an existing key, or adjust rate limits, contact your administrator.