All Vinci API requests require a Bearer token.
HTTP Header
Authorization: Bearer sk-your-api-key-here
Tip Keep your API key secret. Never expose it in client-side code. Use environment variables or a secure vault.

Example: Authenticated request

curl -X GET "https://tryvinci.com/api/v1/billing/balance" \
  -H "Authorization: Bearer sk-your-api-key-here"

Best practices

  • Rotate keys periodically and keep separate keys for dev/staging/prod.
  • Set rate limits appropriately for each environment.
  • Monitor usage and last_used to detect stale keys.