Get Started

Authentication

Theazo uses API keys for all requests. Keys are prefixed by environment so you always know which one you are using.

Key types

Every platform gets two key environments. Both authenticate identically — the prefix determines whether the request provisions real compute or returns mock data.

Live keys

Live keys begin with th_live_. They provision real compute, record usage, and generate billing events. Use these only in production server-side code — never expose them in a browser bundle.

Test keys

Test keys begin with th_test_. They return realistic mock responses but never touch a provider, never record usage, and never generate billing events. Safe to use in CI, staging, and local development.

Live key

th_live_a1b2c3d4e5f6...
  • + Provisions real compute
  • + Records usage and billing
  • + Fires webhooks
  • — Never expose client-side

Test key

th_test_a1b2c3d4e5f6...
  • + Safe in CI / staging
  • + Returns realistic mock data
  • + No billing impact
  • — No real compute provisioned

SDK usage

Pass your key to the constructor. The SDK attaches it as a Bearer token on every request automatically. The same constructor accepts both live and test keys.

theazo.ts
import { Theazo } from 'theazo'

const theazo = new Theazo({
  apiKey: process.env.THEAZO_API_KEY!, // th_live_... or th_test_...
})

Direct API usage

If you are calling the REST API directly, supply the key in the Authorization header as a Bearer token. All endpoints require authentication.

curl https://api.theazo.com/v1/sessions \
  -H "Authorization: Bearer th_live_..." \
  -H "Content-Type: application/json"

GET /v1/sessions

List sessions for the authenticated platform. Requires a valid API key in the Authorization header.

Response

{ sessions: Session[], total: number }

Example

bash
curl https://api.theazo.com/v1/sessions \
  -H "Authorization: Bearer th_live_..." \
  -G \
  --data-urlencode "limit=20"

Managing keys

API keys are managed from Settings → API Keys in the dashboard. You can create multiple keys (e.g., one per service), label them, and revoke individual keys without rotating others.

The full key is shown exactly once — at creation time. After that, only the prefix (e.g., th_live_a1b2...) is visible. Store keys in a secrets manager immediately after creation.

# Rotate a key safely:
# 1. Create a new key in Settings → API Keys
# 2. Deploy with the new key
# 3. Revoke the old key once traffic confirms the new one is active

Never expose live API keys in client-side code, public repositories, or build logs. Keys embedded in a browser bundle give anyone full access to your platform account. Always load them from server-side environment variables.
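The key prefixes and the exposure warning above can be enforced in code. The following is an added example, not part of the Theazo SDK or this page's own code: a startup guard that rejects a key loaded in the wrong environment, a log redactor that keeps only the dashboard-style prefix, and a CI check for live keys in a built bundle or build log. The function names and the secret format (16 or more letters, digits, `_` or `-` after the prefix) are assumptions, and the sample key is constructed.

```typescript
// Added example; not Theazo SDK code. Assumed format: prefix + 16 or more of [A-Za-z0-9_-].
const KEY_RE = /\bth_(live|test)_[A-Za-z0-9_-]{16,}/g;
const VISIBLE = "th_live_".length + 4; // prefix plus four characters, like th_live_a1b2...

type KeyEnv = "live" | "test";

// Constructed sample key for demonstration only; it is not a real credential.
const SAMPLE_KEY = "th_live_" + "a1b2c3d4e5f6a7b8";

/** Classify a key by its prefix; null means it is not a Theazo-style key. */
function keyEnvironment(key: string): KeyEnv | null {
  const m = /^th_(live|test)_/.exec(key);
  return m ? (m[1] as KeyEnv) : null;
}

/** Startup guard: the key must exist and match the deployment it is loaded in. */
function assertKeyMatches(key: string | undefined, production: boolean): KeyEnv {
  const env = key ? keyEnvironment(key) : null;
  if (env === null) throw new Error("API key missing or without th_live_/th_test_ prefix");
  if (env === "live" && !production) throw new Error("live key loaded outside production");
  if (env === "test" && production) throw new Error("test key loaded in production");
  return env;
}

/** Cut every key in a log line down to its visible prefix before it is written. */
function redactKeys(text: string): string {
  return text.replace(KEY_RE, (k) => k.slice(0, VISIBLE) + "...[redacted]");
}

/** CI check over a built client bundle or build log: redacted live keys found in it. */
function findLiveKeys(text: string): string[] {
  const hits: string[] = text.match(KEY_RE) || [];
  return hits.filter((k) => keyEnvironment(k) === "live").map((k) => redactKeys(k));
}

console.log(redactKeys("Authorization: Bearer " + SAMPLE_KEY));
console.log(findLiveKeys('const cfg={apiKey:"' + SAMPLE_KEY + '"}'));
```

Call the guard once at server startup, and fail the build when the bundle check returns a non-empty list.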

Authentication errors

A missing or invalid key returns a 401 with error code auth/invalid_key. A revoked key returns auth/key_revoked. Always include the requestId when contacting support.

error-handling.ts
import { TheazoError } from 'theazo'

try {
  const session = await theazo.sessions.forUser('user_123')
} catch (err) {
  if (err instanceof TheazoError) {
    console.log(err.code)      // 'auth/invalid_key'
    console.log(err.status)    // 401
    console.log(err.requestId) // 'req_...' — include in support tickets
  }
}