Getting Started

Authentication

All HyperAPI requests are authenticated with an API key passed in the X-API-Key request header.

API key types

hk_live_

Production

Used for live API calls. Billed to your account. Store securely — never expose in client-side code.

hk_test_

Test mode (admin-issued)

Hit the same models as live keys, but bypass the live rate-limit ceiling (1,000 req/min) and skip billing entirely — no charges, no row in usage exports. Admin-issued only: contact your platform admin to obtain one. Useful for CI smoke tests and engaged-customer integration work.

Generate hk_live_ keys from your API Keys dashboard. hk_test_ keys are admin-issued — the Live/Test selector is visible only to platform admins.

Using your API key

Pass your key in the X-API-Key header on every request.

curl -X POST https://apis.hyperbots.com/v1/parse \
  -H "X-API-Key: hk_live_your_key_here" \
  -F "file=@invoice.pdf"

curl -X POST https://apis.hyperbots.com/v1/parse \
  -H "X-API-Key: hk_live_your_key_here" \
  -F "file=@invoice.pdf"

Security best practices

Protect your API keys

—Store keys in environment variables — never hardcode them in source.
—Never expose hk_live_ keys in client-side JavaScript or public repositories.
—Rotate keys immediately if you suspect compromise.
—For CI/CD that shouldn't consume billable usage, ask your platform admin for an hk_test_ key (admin-issued, 1,000 req/min, no billing).
—Create separate keys per environment (dev, staging, production).