Skip to Content

Authentication

All API requests require authentication via an API Key. OfoxAI uses a unified API Key that works across all three protocols.

Getting Your API Key

  1. Sign up and log in to the OfoxAI Console 
  2. Go to SettingsAPI Keys
  3. Click Create New Key
  4. Copy and securely store your API Key

The API Key is only displayed once at creation time. Make sure to save it securely. If lost, you’ll need to create a new one.

Authentication Methods

The authentication method varies slightly depending on the protocol you use:

The OpenAI compatible protocol uses the Authorization header:

Authorization: Bearer <your OFOXAI_API_KEY>
from openai import OpenAI
 
client = OpenAI(
    base_url="https://api.ofox.ai/v1",
    api_key="<your OFOXAI_API_KEY>"
)

Environment Variable Configuration

We recommend using environment variables to manage your API Key to avoid hardcoding:

.env
OFOX_API_KEY=<your OFOXAI_API_KEY>
 
# You can also set protocol-specific environment variables
OPENAI_API_KEY=<your OFOXAI_API_KEY>
OPENAI_BASE_URL=https://api.ofox.ai/v1
 
ANTHROPIC_API_KEY=<your OFOXAI_API_KEY>
ANTHROPIC_BASE_URL=https://api.ofox.ai/anthropic
 
GEMINI_API_KEY=<your OFOXAI_API_KEY>
GEMINI_BASE_URL=https://api.ofox.ai/gemini

Security Best Practices

  1. Use environment variables — Never hardcode API Keys in your source code
  2. Rotate keys regularly — We recommend rotating every 90 days
  3. Separate environments — Use different API Keys for development and production
  4. Monitor usage — Regularly check API usage and anomalous calls in the console
  5. Limit scope — Create separate API Keys for different projects for easier tracking and management

Never commit API Keys to Git repositories or expose them in client-side code. Use .gitignore to exclude .env files.