Authentication
How to authenticate requests to the Emcie API
The Emcie API uses API keys for authentication. Create, manage, and revoke API keys from the API Keys page in your account.
Remember that your API key is a secret. Do not share it with others or expose it in any client-side code (browsers, mobile apps, desktop apps). API keys should be loaded from an environment variable or a secrets manager on the server, and never checked into source control.
Bearer authentication
API keys should be provided via HTTP Bearer authentication:
Authorization: Bearer EMCIE_API_KEYWhen using Parlant with Emcie's NLP service, the SDK reads the key from the EMCIE_API_KEY environment variable and attaches this header for you:
export EMCIE_API_KEY="your-api-key-here"Example request
If you're calling the API directly — for example, from a custom client or for testing — pass the key as a Bearer token:
curl https://api.emcie.co/inference/v1/completions \
-H "Authorization: Bearer $EMCIE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"model_tier": "jackal",
"model_role": "auto",
"prompt": "Hello, world"
}'Key rotation and revocation
If a key is leaked or exposed, revoke it immediately from the API Keys page. Revoked keys stop working within seconds and cannot be reactivated — generate a new key and update your environment. We recommend rotating production keys periodically as part of normal security hygiene.
ComplianceOur SOC 2 Type II audit is currently in progress. For details on how we handle your data and credentials, see our Trust Center.
Troubleshooting
| Status | Meaning |
|---|---|
401 | Missing Authorization header, or the API key is invalid or revoked. |
402 | Authentication succeeded, but the account has insufficient credits. |
403 | Account-level authorization failure (e.g., organization doesn't have access). |
429 | Rate limit exceeded. See Rate Limits. |
If you can't resolve an auth error, contact [email protected].
Updated about 1 month ago