Secure access
验证
Use Omixa API keys as Bearer tokens, keep them server-side, scope them to allowed models, and rotate them whenever access changes.
API 密钥
Developer keys start with the Omixa prefix and are displayed only once. Store the value in your secret manager and never ship it to a browser or mobile client.
- Create keys from Dashboard -> API Keys.
- Use separate keys for production, staging, and tests.
- Revoke keys immediately when a deployment, employee, or vendor no longer needs access.
Authorization header
Every API request must include the Bearer token.
Authorization: Bearer omx_live_your_key Content-Type: application/json
Model restrictions
If a key is restricted to specific models, Omixa rejects all other models before wallet reservation. This lets teams safely expose limited capabilities to applications or customers.