Skip to main content

Authentication

Learn how to authenticate your requests with ModelPilot API.

ModelPilot uses API keys to authenticate requests. All API requests must include your API key and router ID.

Getting Your API Key

Steps to Generate an API Key
  1. Log in to your ModelPilot Dashboard
  2. Navigate to Settings (Click on your profile picture) → API Keys
  3. Click "Generate New API Key"
  4. Give your key a descriptive name (e.g., "Production App", "Development")
  5. Copy the API key immediately - you won't be able to see it again
Security Warning
  • Never commit API keys to version control (add to .gitignore)
  • Store keys in environment variables, not in code
  • Rotate keys regularly (every 90 days recommended)
  • Use separate keys for development, staging, and production
  • Revoke compromised keys immediately

Authentication Methods

SDK Authentication (Recommended)
Use the ModelPilot SDK for automatic authentication
javascript
import ModelPilot from 'modelpilot';

const client = new ModelPilot({
  apiKey: process.env.MODELPILOT_API_KEY,
  routerId: process.env.MODELPILOT_ROUTER_ID,
});

// All requests are automatically authenticated
const completion = await client.chat.completions.create({
  messages: [{ role: 'user', content: 'Hello!' }],
});
Direct API Calls
If calling the API directly without the SDK
bash
curl https://modelpilot.co/api/router/{routerId}/chat/completions \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{
    "messages": [
      {"role": "user", "content": "Hello!"}
    ]
  }'

Environment Variables

Setup .env File
Store credentials securely

Create a .env file in your project root:

bash
# ModelPilot API Credentials
MODELPILOT_API_KEY=mp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
MODELPILOT_ROUTER_ID=router_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

# Optional: Specify environment
NODE_ENV=production

Add .env to your .gitignore:

text
.env
.env.local
.env.*.local

Router ID

Every request must specify which router to use via the routerId in the URI path.

Finding Your Router ID

  1. Go to Dashboard → Routers
  2. Select your router
  3. Copy the Router ID from the router configuration page

Authentication Errors

401Unauthorized

Missing or invalid API key

json
{
  "error": {
    "message": "Invalid API key provided",
    "type": "authentication_error",
    "code": "invalid_api_key"
  }
}
403Forbidden

Valid API key but no access to the requested router

json
{
  "error": {
    "message": "You do not have access to this router",
    "type": "authorization_error",
    "code": "router_access_denied"
  }
}

Best Practices

Security Checklist
  • Use environment variables - Never hardcode credentials
  • Separate keys per environment - Different keys for dev/staging/prod
  • Rotate regularly - Change keys every 90 days
  • Monitor usage - Watch for unexpected API calls
  • Use HTTPS only - Never send keys over unencrypted connections
  • Implement rate limiting - Protect against abuse

Next Steps

Rate Limits
Understand usage limits and quotas
Error Handling
Handle errors and edge cases