DevelopersDocs
All API requests to Sonna.ai must be authenticated using a Bearer Token. Your API keys are unique to your account and should be kept secure.

Obtaining an API Key

You can manage your API keys through the Developer Dashboard.
  1. Go to the API Keys section.
  2. Click Generate New Key.
  3. Copy your key immediately. For security reasons, we do not store the plaintext key and you will not be able to see it again.

Using your API Key

Include your API key in the Authorization HTTP header of every request:
Authorization: Bearer sk-sonna-xxxxxxxxxxxxxxxx

Security Best Practices

  • Never share your API key. It gives full access to your character credits.
  • Do not hardcode keys in client-side code (frontend). Always call the Sonna API from your secure backend.
  • Revoke compromised keys immediately from the dashboard and generate a new one.

Error Codes

If your authentication fails, the API will return a 401 Unauthorized error:
json
{
  "error": "Invalid or revoked API Key"
}
NextAuthentication