Skip to main content
All Messaging API requests are authenticated using a network API key passed in the request header.

Network API Key

Your network API key is provided during onboarding or can be obtained from your AUI account manager through the AUI Console.

Required Headers

Every request must include:
HeaderDescriptionExample
x-network-api-keyYour network API keyyour-network-api-key
Content-TypeRequest body format (for POST requests)application/json
cURL

WebSocket Authentication

For WebSocket connections, pass the API key as a query parameter:
Invalid credentials will close the WebSocket connection with close code 1008 (Policy Violation).

CLI Authentication

The AUI CLI supports multiple authentication methods:
See CLI Installation for full authentication details.

Error Responses

Authentication failures return a 401 status:

Security Best Practices

1

Use environment variables

Store API keys in environment variables, never in source code.
2

Keep keys server-side

Never expose your network API key in client-side code. All API calls should be proxied through your backend.
3

Rotate keys when compromised

If a key is exposed, contact your AUI account manager to rotate it immediately.