Skip to main content

Authentication

Learn how to authenticate your requests to the emma API.

API Keys

All API requests must include an API key in the Authorization header. 
Authorization: Bearer YOUR_API_KEY

Getting Your API Key

1

Sign in to emma

Go to app.emma.ai and sign in to your account.
2

Navigate to Settings

Click on your profile and select Settings.
3

Go to API section

Select the API tab in the settings menu.
4

Generate a key

Click Create API Key and give it a descriptive name.
Keep your API key secure! Never expose it in client-side code or public repositories.

Example Request

curl -X POST "https://api.emma.ai/v1/sessions" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"prompt": "Hello, emma!"}'

Key Management

Rotating Keys

For security, we recommend rotating your API keys periodically:
  1. Create a new API key
  2. Update your applications to use the new key
  3. Revoke the old key

Revoking Keys

To revoke an API key:
  1. Go to Settings > API
  2. Find the key you want to revoke
  3. Click Revoke
Revoking a key is immediate and cannot be undone. Make sure you’ve updated all applications using that key before revoking.

Security Best Practices

Use Environment Variables

Store API keys in environment variables, not in code.

Limit Permissions

Create keys with only the permissions you need.

Rotate Regularly

Rotate keys periodically and after any potential exposure.

Monitor Usage

Review API usage logs for unusual activity.