Authentication

The EnorAI API uses API keys for authentication. Create, manage, and rotate your API keys from the EnorAI Dashboard.

API keys

Remember that your API key is a secret! Do not share it with others or expose it in any client-side code (browsers, mobile apps). API keys should be securely loaded from an environment variable or key management service on the server.

API keys should be provided via HTTP Bearer authentication. Pass your API key in the Authorization header of every request:

Authorization: Bearer ENORAI_API_KEY

Security best practice

Ensure your API keys are never committed to client-side code, version control, or public repositories. Use environment variables or a secrets manager.

Environments

EnorAI provides separate API keys for sandbox and production environments:

Environment	Key Prefix	Usage
Sandbox	`enor_test_`	Development and testing
Production	`enor_live_`	Live clinical deployments

Rate limits

Sandbox keys are limited to 100 requests/minute. Production keys support up to 10,000 requests/minute with burst capacity.

Authentication

curl https://api.enorai.com/v1/health \
  -H "Authorization: Bearer ENORAI_API_KEY"
import enorai
 
client = enorai.Client(
  api_key="YOUR_KEY"
)
 
# All subsequent calls are authenticated
result = client.health_check()
import EnorAI from 'enorai-sdk';
 
const client = new EnorAI({
  apiKey: 'YOUR_KEY'
});
 
// All subsequent calls are authenticated
const result = await client.healthCheck();