LLMBase | Docs

Authentication

How to authenticate requests to the LLMBase API using Bearer tokens.

Updated

Authenticated requests to https://api.llmbase.ai/v1/* must include a valid API key in the Authorization header using the Bearer scheme.

Inference API keys use the llmbase_... prefix and work at https://api.llmbase.ai/v1. They can spend prepaid inference credits or, when configured as subscription-backed keys, use an included subscription inference budget before optional prepaid overflow. Chat-agent keys use the llmbase_chat_... prefix, work only at https://llmbase.ai/api/v1/agents, and use a Pro chat subscription quota first. Do not use a chat-agent key with https://api.llmbase.ai/v1.

Key prefixValid base URLProductNotes
llmbase_...https://api.llmbase.ai/v1Inference APIPrepaid credits, subscription-included budget, or subscription overflow depending on key settings
llmbase_chat_...https://llmbase.ai/api/v1/agentsAgent integrationsUses Pro chat quota first; can spend inference credits only when prepaid overflow is enabled and Pro agent limits are reached

The legacy chat-agent base URL, https://llmbase.ai/api/chat-agent/v1, remains available for existing clients. New OpenClaw, Hermes, and OpenAI-compatible agent setups should use https://llmbase.ai/api/v1/agents.

Send the Bearer header on every API request, including model discovery. LLMBase uses Cloudflare in front of the API, and requests that include Authorization: Bearer ... are treated as API traffic and skip browser-style Cloudflare challenges before they reach the Worker.

Sending your API key

Authorization: Bearer <your-api-key>

curl

curl https://api.llmbase.ai/v1/chat/completions \
  -H "Authorization: Bearer $LLMBASE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "model": "deepseek/deepseek-v4-flash", "messages": [{ "role": "user", "content": "Hi" }] }'

OpenAI SDK

Pass the key as apiKey when constructing the client. The SDK automatically adds the Authorization: Bearer header to every request, so SDK requests go through the API path instead of receiving a Cloudflare challenge page.

import OpenAI from "openai";

const client = new OpenAI({
  baseURL: "https://api.llmbase.ai/v1",
  apiKey: process.env.LLMBASE_API_KEY, // never hard-code keys
});

Credits and balance

Prepaid inference keys spend prepaid USD credits. Subscription-backed inference keys use their included inference budget first and can fall back to prepaid credits only when overflow is enabled. If a request needs prepaid credits and no balance is available, LLMBase returns 402 with insufficient_quota before running the model request.

Check the live API balance programmatically:

curl https://api.llmbase.ai/v1/balance \
  -H "Authorization: Bearer $LLMBASE_API_KEY"

Response

{
  "balance_usd_cents": 500
}

Add credits and configure auto top-up from Dashboard -> API Keys / Balance. Chat subscriptions and chat-agent keys do not add prepaid inference credits. If you enable prepaid overflow for chat-agent keys, exhausted Pro agent requests can spend the existing inference credit balance.

Keeping your key safe

  • Store keys in environment variables or a secrets manager — never commit them to source control.
  • Rotate keys immediately if you suspect they have been exposed.
  • Use one key per application so you can revoke them independently.

Error responses

A missing or invalid key returns a 401 response:

{
  "error": {
    "message": "Invalid API key",
    "type": "invalid_request_error",
    "code": "invalid_api_key"
  }
}
CodeMeaning
missing_api_keyNo Authorization header was sent
invalid_api_keyThe key was not recognised