Sudo uses Bearer token authentication. Every request must include your secret API key in the Authorization header:
Authorization: Bearer <SUDO_API_KEY>
You can create and manage keys within apps from the Developer Portal → My AI Apps section.
Treat your keys like passwords. Do not commit them to version-control or expose them in front-end code.
Using an API key JavaScript / TypeScript
Python
curl
fetch ( 'https://sudoapp.dev/api/v1/chat/completions' , { method: 'POST' , headers: { Authorization: 'Bearer <SUDO_API_KEY>' , 'Content-Type' : 'application/json' , }, body: JSON . stringify ({ model: 'gpt-4o' , messages: [{ role: 'user' , content: 'Hello!' }], }), });
Rotating or revoking keys If a key is ever exposed you can disable or delete it from the portal and generate a new one immediately. Requests bearing a revoked key will receive a 401 error.
Only two headers are required:
Header Example Notes AuthorizationBearer sk-abc123Required Content-Typeapplication/jsonRequired
