Get your API key
Create an API Key
Navigate to API Keys and create a new API Key Copy key
Copy your API key
Use your API key
Pass your API key when making requests:
import { createDecartClient } from "@decartai/sdk";
const client = createDecartClient({
apiKey: process.env.DECART_API_KEY
});
Best practices
Never hardcode API keys in your code. Use environment variables.
- Store keys in environment variables
- Rotate keys regularly
- Use different keys for development and production
Realtime client-side authentication
For browser and mobile apps, use client tokens (ek_...) instead of your permanent key (sk-...).
Do not expose permanent API keys in frontend bundles. Always mint short-lived client tokens from your backend.
import { createDecartClient } from "@decartai/sdk";
const client = createDecartClient({ apiKey: process.env.DECART_API_KEY });
const token = await client.tokens.create();
See Client Tokens for the complete backend-to-frontend flow and token rotation strategy. Need help?
