Authentication
All sunor API requests require authentication via an API key passed in the x-api-key HTTP header.
Getting your API key
- Sign in to your sunor dashboard.
- Navigate to API Keys.
- Click Create API Key and give it a name.
- Copy the key immediately — it will only be shown once.
Using your API key
Include the x-api-key header in every request:
curl -X GET https://sunor.cc/api/v1/account/balance \
-H "x-api-key: YOUR_API_KEY"
Error responses
| Status | Meaning |
|---|
401 | Missing or invalid x-api-key header |
{
"code": 401,
"message": "Missing x-api-key header"
}
Security tips
Never expose your API key in client-side code. API keys should only be used in server-side applications or secure environments.
- Store your API key in environment variables, not in source code.
- Rotate keys periodically from the API Keys page.
- If you suspect a key has been compromised, delete it immediately and create a new one.
- Each key is tied to your account — anyone with the key can use your credits.
