Authentication
API keys and securing your Memoid integration
Memoid uses API keys to authenticate requests.
Getting Your API Key
- Log in to your dashboard
- Navigate to your project settings
- Copy your API key
Your key will look like:
mem_sk_live_xxxxxxxxxxxxxxxxxxxxUsing Your API Key
Include the key in the Authorization header:
curl -X POST https://api.memoid.dev/v1/memories
-H "Authorization: Bearer mem_sk_live_xxxx"
-H "Content-Type: application/json"
-d '{"messages": [...]}'Or use the SDK:
from memoid import MemoryClient
client = MemoryClient("mem_sk_live_xxxx")Key Types
| Type | Prefix | Use Case |
|---|---|---|
| Live | mem_sk_live_ | Production applications |
| Test | mem_sk_test_ | Development and testing |
Test keys use isolated data and don’t count toward usage limits.
Security Best Practices
Never expose keys in client-side code
API keys should only be used server-side. Never include them in:
- JavaScript bundles
- Mobile app code
- Public repositories
Use environment variables
import os
from memoid import MemoryClient
client = MemoryClient(os.environ["MEMOID_API_KEY"])Rotate keys regularly
Generate new keys periodically and revoke old ones.
Use separate keys per environment
Create different keys for development, staging, and production.
Rate Limits
| Plan | Requests/minute | Memories/month |
|---|---|---|
| Free | 60 | 10,000 |
| Pro | 600 | 100,000 |
| Enterprise | Unlimited | Unlimited |
Rate limit headers are included in all responses:
X-RateLimit-Limit: Maximum requests per minuteX-RateLimit-Remaining: Requests remainingX-RateLimit-Reset: Timestamp when limit resets
Troubleshooting
401 Unauthorized
- Check that your API key is correct
- Ensure the key hasn’t been revoked
- Verify the
Authorizationheader format
429 Too Many Requests
- You’ve exceeded rate limits
- Wait for the reset time or upgrade your plan