Sudo uses Bearer token authentication. Every request must include your secret API key in the Authorization header:
Authorization: Bearer <SUDO_API_KEY>
You can create and manage keys within apps from the Developer Portal → My AI Apps section.
Treat your keys like passwords. Do not commit them to version-control or expose them in front-end code.

Using an API key

fetch('https://sudoapp.dev/api/v1/chat/completions', {
  method: 'POST',
  headers: {
    Authorization: 'Bearer <SUDO_API_KEY>',
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    model: 'gpt-4o',
    messages: [{ role: 'user', content: 'Hello!' }],
  }),
});

Rotating or revoking keys

If a key is ever exposed you can disable or delete it from the portal and generate a new one immediately. Requests bearing a revoked key will receive a 401 error.

Minimum headers

Only two headers are required:
HeaderExampleNotes
AuthorizationBearer sk-abc123Required
Content-Typeapplication/jsonRequired