Authentication

Bearer token auth with inference keys or scoped management keys.

Inference keys (nf_live_*)

  • Used for POST /v1/chat/completions, /v1/embeddings, and playground proxy.
  • Scoped per key: model allowlist, daily spend cap, optional expiry.
  • Agent-scoped keys (bound to an agent) tag usage with agentId automatically.
  • Rotate from Dashboard → API Keys → Rotate — old key revoked immediately.

Management keys (mgk_*)

  • Used for dashboard REST APIs: keys, agents, usage export, routing rules.
  • Created under Dashboard → Mgmt Keys with explicit scopes (read, write, usage).
  • Never send management keys to the inference gateway — they will be rejected.
  • Rotate on the same page; update integrations before revoking the old key.
Header format
Authorization: Bearer nf_live_your_inference_key
# or
Authorization: Bearer mgk_your_management_key