Skip to main content

API Keys

SaveGate uses API keys to authenticate requests. You can obtain your API key from the SaveGate Dashboard after creating an account.
1

Create Account

Sign up at savegate.ai/signin
2

Generate API Key

Navigate to the API Keys section in your dashboard and click “Create New Key”
3

Copy Your Key

Copy the API key and store it securely - you won’t be able to see it again

Using Your API Key

Include your API key in the Authorization header of all API requests: 
from openai import OpenAI

client = OpenAI(
    api_key="sk-savegate-xxxxxxxxxxxxx",
    base_url="https://api.savegate.ai/v1"
)

Best Practices

  • Never commit API keys to version control
  • Use environment variables to store keys
  • Rotate keys regularly
  • Don’t share keys in public forums or chat
Store your API key in environment variables:
.env
SAVEGATE_API_KEY=sk-savegate-xxxxxxxxxxxxx
Then load it in your code:
Python
import os
from openai import OpenAI

client = OpenAI(
    api_key=os.getenv("SAVEGATE_API_KEY"),
    base_url="https://api.savegate.ai/v1"
)
Node.js
import OpenAI from 'openai';
import * as dotenv from 'dotenv';

dotenv.config();

const client = new OpenAI({
  apiKey: process.env.SAVEGATE_API_KEY,
  baseURL: 'https://api.savegate.ai/v1'
});
  • Generate a new API key periodically
  • Update your applications with the new key
  • Revoke the old key after migration
  • Set up key rotation alerts in your dashboard
  • Track API usage in your dashboard
  • Set up billing alerts
  • Monitor for unusual activity
  • Review access logs regularly

API Key Format

SaveGate API keys follow this format: 
sk-savegate-[random-string]
  • All keys start with sk-savegate-
  • The random string is 32 characters long
  • Keys are case-sensitive

Managing API Keys

Creating Additional Keys

You can create multiple API keys for different applications or environments:
  1. Go to your Dashboard
  2. Navigate to API Keys
  3. Click “Create New Key”
  4. Give it a descriptive name (e.g., “Production App”, “Development”)
  5. Copy and store the key securely

Revoking Keys

If an API key is compromised:
  1. Go to your Dashboard
  2. Navigate to API Keys
  3. Find the compromised key
  4. Click “Revoke” or the delete icon
  5. The key will be immediately deactivated
Revoking a key is permanent and will immediately stop all requests using that key. Make sure to update your applications before revoking active keys.

Error Handling

Common authentication errors and how to fix them:

401 Unauthorized

{
  "error": {
    "message": "Invalid API key",
    "type": "invalid_request_error",
    "code": "invalid_api_key"
  }
}
Causes:
  • API key is missing
  • API key is invalid or malformed
  • API key has been revoked
Solution: Verify your API key is correct and has not been revoked.

429 Rate Limit Exceeded

{
  "error": {
    "message": "Rate limit exceeded",
    "type": "rate_limit_error"
  }
}
Causes:
  • Too many requests in a short time period
  • Account limits exceeded
Solution: Implement exponential backoff and retry logic. Check your rate limits in the dashboard.

Security Recommendations

Use HTTPS Only

Always use HTTPS when making API calls to protect your API key in transit.

Backend Only

Never expose API keys in client-side code (frontend JavaScript, mobile apps).

Principle of Least Privilege

Use separate API keys for different environments and applications.

Monitor Activity

Regularly review API usage logs for suspicious activity.

Example: Secure Setup

Here’s a complete example of a secure setup: 
# config.py
import os
from dotenv import load_dotenv

load_dotenv()

SAVEGATE_API_KEY = os.getenv("SAVEGATE_API_KEY")
if not SAVEGATE_API_KEY:
    raise ValueError("SAVEGATE_API_KEY environment variable not set")

# main.py
from openai import OpenAI
from config import SAVEGATE_API_KEY

client = OpenAI(
    api_key=SAVEGATE_API_KEY,
    base_url="https://api.savegate.ai/v1"
)

def chat(message):
    try:
        response = client.chat.completions.create(
            model="gpt-4",
            messages=[{"role": "user", "content": message}]
        )
        return response.choices[0].message.content
    except Exception as e:
        print(f"Error: {e}")
        return None

Need Help?

If you’re having trouble with authentication: