⌘K
API Playground
API Reference

Authentication

Lumyx AI uses API keys to authenticate requests. Your API keys carry many privileges, so be sure to keep them secure.

Download README
Keep your API keys secure
  • Do not share your API keys publicly or commit them to version control
  • Use environment variables to store API keys in your applications
  • Rotate your API keys regularly
  • Monitor usage to detect unauthorized access

API Key Format

Lumyx AI API keys are 64-character strings that start with nova_:

API Key Format 
nova_1234567890abcdef1234567890abcdef1234567890abcdef1234567890ab

Each API key is unique and tied to your account. You can create multiple keys with different permissions and rate limits.

Authentication Methods

Bearer Token (Recommended)

Include your API key in the Authorization header as a Bearer token:

Authorization Header 
Authorization: Bearer nova_your_api_key_here
Example with curl 
curl -X POST https://api.lumyx-ai.site/v1/chat/completions \
  -H "Authorization: Bearer nova_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{"model": "nova_1_1", "messages": [{"role": "user", "content": "Hello!"}]}'

Creating API Keys

You can create and manage API keys through the developer dashboard:

Step-by-step Guide

  1. Navigate to the API Keys dashboard - Go to Developer Dashboard
  2. Click "Create New API Key" - Open the API key creation modal
  3. Configure your API key - Name, rate limit, daily limit, and optional expiration
  4. Save your API key - Copy immediately - you won't see it again
Create API Key

API Key Permissions

Each API key has access to all Lumyx AI endpoints by default:

Endpoint Description Access
Chat CompletionsSend messages to Lumyx AI base models✓ Included
Agents ChatInteract with specialized AI personas✓ Included
ModelsList available AI models✓ Included
PersonasAccess public AI personas✓ Included
ConversationsManage conversation history✓ Included

Rate Limits

API keys have configurable rate limits to prevent abuse:

Per-minute Rate Limit

Maximum requests per minute (default: 60). Range: 1-1000 RPM

Daily Limit

Maximum requests per day (default: 1000). Range: 1-10000 per day

Rate Limit Headers

All API responses include rate limit headers. See the rate limits documentation for details.

Security Best Practices

Environment Variables

Store your API keys in environment variables, not in your code:

Environment Variables 
# .env file
NOVA_AI_API_KEY=nova_your_api_key_here

# In your application
const apiKey = process.env.NOVA_AI_API_KEY;

Key Rotation

Regularly rotate your API keys: Create new key → Update app → Test → Revoke old key

Monitor Usage

Check the usage analytics dashboard regularly. Set appropriate rate limits and monitor for spikes.

Authentication Errors

Status Code Description
401 UnauthorizedInvalid or missing API key
429 Too Many RequestsRate limit exceeded
403 ForbiddenAPI key expired or revoked

For detailed error handling guidance, see the error handling documentation.