Authentication
API Key Authentication
All FlowAPI requests must include a valid API key. You can create and manage API keys from the FlowAPI Console .
Include your API key in the Authorization header of every request:
Authorization: Bearer YOUR_FLOW_API_KEYUsing the OpenAI SDK
Because FlowAPI is OpenAI-compatible, you can authenticate with the standard OpenAI SDK by supplying your FlowAPI key and base URL.
Python
from openai import OpenAI
client = OpenAI(
api_key="YOUR_FLOW_API_KEY",
base_url="https://api.flowapi.net/v1"
)Node.js
import OpenAI from "openai";
const client = new OpenAI({
apiKey: "YOUR_FLOW_API_KEY",
baseURL: "https://api.flowapi.net/v1",
});cURL
curl https://api.flowapi.net/v1/chat/completions \
-H "Authorization: Bearer YOUR_FLOW_API_KEY" \
-H "Content-Type: application/json" \
-d '{"model": "gpt-4o", "messages": [{"role": "user", "content": "Hello"}]}'Environment Variables
We strongly recommend storing API keys as environment variables rather than hard-coding them.
export FLOW_API_KEY="sk_live_..."Then reference the variable in your application code:
import os
from openai import OpenAI
client = OpenAI(
api_key=os.environ["FLOW_API_KEY"],
base_url="https://api.flowapi.net/v1"
)Security Best Practices
Never expose your API key in client-side code, public repositories, or browser-accessible JavaScript. Treat API keys like passwords.
- Rotate keys regularly if you suspect any key has been compromised.
- Use separate keys for development and production environments.
- Set usage limits to reduce the risk of unexpected charges.
- Monitor activity in the Console to catch unusual usage patterns.
Rate Limits
Free tier accounts are limited to 50 requests per minute. Contact contact@flowapi.net if you need higher limits.
| Plan | Rate limit |
|---|---|
| Normal | 50 req/min |
| Pro | Contact us to Upgrade |
| Enterprise | Contact us to Upgrade |
Last updated on