Authentication
All API requests must be authenticated using an API key.
API Key Format
Your API keys are prefixed with ak_live_ for production and ak_test_ for testing.
ak_live_demo_7JH8K92LMN34XYZabcdef123456Using the Authorization Header
Include your API key in the Authorization header using the Bearer scheme:
Authorization: Bearer ak_live_demo_YOUR_KEY_HEREExample Request
Here is a complete example with authentication:
curl -X POST https://api.pandalink.ai/v1/chat/completions \
-H "Authorization: Bearer ak_live_demo_7JH8K92LMN34XYZ" \
-H "Content-Type: application/json" \
-d '{
"model": "qwen3-14b",
"messages": [
{"role": "user", "content": "What is AI?"}
]
}'Error Responses
If authentication fails, you will receive one of these error responses:
401 Unauthorized
Invalid or missing API key
403 Forbidden
API key does not have permission
Security Best Practices
- Never expose your API key in client-side code
- Use environment variables to store your API key
- Rotate your API keys regularly
- Use separate keys for development and production
- Monitor your API usage for any unauthorized access