Skip to main content
The Claro API uses API keys to authenticate requests. All API requests must include a valid API key in the Authorization header using Bearer authentication.

Getting Your API Key

1

Log into Claro

Navigate to claro.baytos.ai and sign in to your account
2

Access API Keys

Click API Keys from the sidebar navigation
3

Create New Key

Click Create API Key and give it a descriptive name (e.g., “Production Server”, “Development”)
4

Copy and Save

Copy the API key immediately and store it securely
You won’t be able to see the API key again after closing the dialog. If you lose it, you’ll need to create a new one.

API Key Format

API keys follow this format: 
sk_live_1234567890abcdefghijklmnopqrstuvwxyz1234567890
  • Prefix: sk_live_ for production keys, sk_test_ for test keys
  • Length: 50 characters total
  • Encoding: Base62 (alphanumeric)
Test keys (with sk_test_ prefix) are not yet available but will be coming soon for sandbox environments.

Making Authenticated Requests

Include your API key in the Authorization header using the Bearer scheme:

cURL Example

curl https://api.baytos.ai/v1/prompts \
  -H "Authorization: Bearer sk_live_your_api_key_here"

Python Example

Using the SDK (recommended): 
from baytos.claro import BaytClient

client = BaytClient(api_key="sk_live_your_api_key_here")
prompt = client.get_prompt("@workspace/my-prompt:v1")
Using requests library: 
import requests

headers = {
    "Authorization": "Bearer sk_live_your_api_key_here",
    "Content-Type": "application/json"
}

response = requests.get(
    "https://api.baytos.ai/v1/prompts",
    headers=headers
)

JavaScript Example

Using fetch: 
const response = await fetch('https://api.baytos.ai/v1/prompts', {
  headers: {
    'Authorization': 'Bearer sk_live_your_api_key_here',
    'Content-Type': 'application/json'
  }
});

const data = await response.json();
Using axios: 
import axios from 'axios';

const client = axios.create({
  baseURL: 'https://api.baytos.ai/v1',
  headers: {
    'Authorization': 'Bearer sk_live_your_api_key_here',
    'Content-Type': 'application/json'
  }
});

const response = await client.get('/prompts');

Environment Variables

Store your API key in environment variables rather than hardcoding it:

Bash/Zsh

export BAYT_API_KEY="sk_live_your_api_key_here"
Add to ~/.bashrc or ~/.zshrc to persist across sessions.

Python (.env file)

# .env
BAYT_API_KEY=sk_live_your_api_key_here
Load with python-dotenv: 
import os
from dotenv import load_dotenv
from baytos.claro import BaytClient

load_dotenv()

client = BaytClient(api_key=os.getenv("BAYT_API_KEY"))

Node.js (.env file)

# .env
BAYT_API_KEY=sk_live_your_api_key_here
Load with dotenv: 
require('dotenv').config();

const apiKey = process.env.BAYT_API_KEY;

Security Best Practices

Add your API keys to .gitignore:
# .gitignore
.env
.env.local
.env.production
Use environment variables or secret management services instead.
Create separate API keys for:
  • Development/testing
  • Staging
  • Production
This allows you to rotate keys without affecting all environments.
Create a new API key, update your application, then delete the old key.We recommend rotating production keys at least every 90 days.
Regularly audit your API keys in the Claro dashboard and delete any that are no longer needed.
Never expose API keys in client-side code (JavaScript in browsers, mobile apps, etc.).Always make API calls from your backend server.

Authentication Errors

401 Unauthorized

Your API key is missing or invalid: 
{
  "error": {
    "code": "unauthorized",
    "message": "Invalid API key"
  }
}
Solutions:
  • Verify the API key is correct
  • Check that you’re using the Bearer prefix
  • Ensure the key hasn’t been deleted from your Claro account

403 Forbidden

Your API key is valid but doesn’t have permission to access the resource: 
{
  "error": {
    "code": "forbidden",
    "message": "Insufficient permissions"
  }
}
Solutions:
  • Verify you have access to the workspace
  • Check that the prompt exists and you have permission to view it
  • Ensure your workspace subscription is active

Testing Authentication

Test your API key with the health endpoint: 
curl https://api.baytos.ai/v1/health \
  -H "Authorization: Bearer sk_live_your_api_key_here"
Expected response: 
{
  "status": "ok",
  "timestamp": "2024-01-15T10:30:00Z"
}

Next Steps

Rate Limits

Learn about API rate limits and how to handle them

Error Handling

Understand error responses and how to handle them

Quick Start

Get started making your first API call

Python SDK

Use the Python SDK for easier authentication