API Keys - SLNG Documentation

Use an API key

All SLNG endpoints authenticate with a bearer token:

-H "Authorization: Bearer YOUR_API_KEY"

You will use the same API key across SLNG hosts:

API	Host	Use for
Gateway API	`https://api.slng.ai`	Real-time TTS, STT, bridges, pronunciation dictionaries
Voice Agents API	`https://api.agents.slng.ai`	Endpoints under `/v1/agents`
Batch API	`https://api.batch.slng.ai`	Asynchronous batch transcription endpoints

API keys are secrets. Store them server-side, never embed them in client code, and delete any key that may have been exposed.

Key lifecycle

Keys are created and deleted from the API Keys page in the Dashboard. The secret value is shown once at creation time. Copy it into your secret store immediately; you cannot retrieve it later.

Keys cannot be rotated in place. To replace a key without downtime:

Create the new key

Generate a new key in the Dashboard and store its secret value.

Roll callers over

Update each caller to use the new key: backend services, voice agents (via PATCH /v1/agents/{agent_id} if the key is stored on the agent), and any local environments. Verify traffic on the new key before continuing.

Delete the old key

Once no caller is using the old key, delete it from the Dashboard. Any request still presenting the deleted key will start failing with 401 Unauthorized.

Deleting a key invalidates it for all future requests. If a key may have been exposed, create a replacement first, then delete the compromised one.

​Use an API key

​Key lifecycle

Use an API key

Key lifecycle