Authentication

The Vantige AI SDK uses API key authentication. This guide covers how to obtain, manage, and use API keys securely.

API Key Types

Vantige provides two types of API keys:

Test Keys (`vk_test_...`)

Connect to the test environment
Safe for development and testing
No charges for API usage
Limited rate limits

Live Keys (`vk_live_...`)

Connect to the production environment
Used for production applications
Usage is metered and billed
Higher rate limits

Required Scope

All API keys must have the knowledgebase:read scope to use this SDK.

Using API Keys

Basic Usage

import { VantigeClient } from '@vantige-ai/typescript-sdk';

const client = new VantigeClient({
  apiKey: 'vk_test_your_api_key_here'
});

Environment Variables (Recommended)

For security, always use environment variables:

const client = new VantigeClient({
  apiKey: process.env.VANTIGE_API_KEY
});

Custom Base URL

You can override the API endpoint (useful for testing):

const client = new VantigeClient({
  apiKey: process.env.VANTIGE_API_KEY,
  baseUrl: 'https://custom-api.vantige.ai'
});

Security Best Practices

1. Never Commit API Keys

Add your .env file to .gitignore:

# Environment variables
.env
.env.local
.env.*.local

2. Use Different Keys for Different Environments

// config/vantige.ts
const apiKey = process.env.NODE_ENV === 'production'
  ? process.env.VANTIGE_LIVE_API_KEY
  : process.env.VANTIGE_TEST_API_KEY;

export const vantigeClient = new VantigeClient({ apiKey });

3. Rotate Keys Regularly

Implement key rotation in your application:

// Periodically update your API keys
// Store multiple keys and rotate between them
const keys = [
  process.env.VANTIGE_API_KEY_1,
  process.env.VANTIGE_API_KEY_2
];

const currentKeyIndex = getKeyRotationIndex();
const client = new VantigeClient({
  apiKey: keys[currentKeyIndex]
});

4. Restrict Key Access

Only grant API keys to services that need them
Use the principle of least privilege
Monitor API key usage regularly

Error Handling

The SDK provides specific error types for authentication issues:

try {
  const result = await client.query({
    corpusId: 'docs',
    query: 'How do I get started?'
  });
} catch (error) {
  if (error.code === 401) {
    console.error('Invalid API key');
  } else if (error.code === 403) {
    console.error('API key missing required scope');
  }
}

Obtaining API Keys

To get your API keys:

Sign up at vantige.ai
Navigate to your dashboard
Go to API Keys section
Create a new key with knowledgebase:read scope
Copy the key immediately (it won't be shown again)

Next Steps

Making Queries - Learn how to query knowledge bases
Error Handling - Handle authentication errors gracefully
Examples - See authentication in action

API Key Types​

Test Keys (vk_test_...)​

Live Keys (vk_live_...)​

Required Scope​

Using API Keys​

Basic Usage​

Environment Variables (Recommended)​

Custom Base URL​

Security Best Practices​

1. Never Commit API Keys​

2. Use Different Keys for Different Environments​

3. Rotate Keys Regularly​

4. Restrict Key Access​

Error Handling​

Obtaining API Keys​

Next Steps​