Authentication

API keys

Every request to Tera authenticates with a bearer token. Keys look like sk-tera-<random> and are issued per-customer.

Authorization: Bearer sk-tera-...

Pass it in the Authorization header for every request. The OpenAI SDKs handle this via api_key=... / apiKey: ....

Requesting access

Request a key by emailing hello@tera.gw with a one-line description of what you’re building.

Errors

401 Unauthorized

missing or invalid key

Returned when the Authorization header is missing or the key is unknown or revoked.

{ "error": { "message": "missing or invalid API key", "type": "authentication_error" } }

403 Forbidden

key lacks access to model

Some keys are scoped to specific models. Requests to other models return 403.

Key rotation

Keys are revocable at any time. If you suspect a key has leaked, email us — we’ll issue a new one and revoke the old. We don’t currently rotate keys on a schedule.

What we log

For every request we record: timestamp, key name (not the secret), model, backend, status, duration, token counts, and a truncated copy of the prompt and response for debugging. See our privacy policy for retention details.

​API keys

​Requesting access

​Errors

​Key rotation

​What we log

API keys

Requesting access

Errors

Key rotation

What we log