Skip to main content
Every request to the Wraith API must include a valid API key. The key identifies your account, enforces rate limits, and scopes all agents and data to your workspace. Requests sent without a key — or with an invalid one — receive a 401 Unauthorized response.

Get an API key

Sign up at wraith.dev and navigate to Settings → API Keys to generate your key. Keys are prefixed with wraith_live_ for production. Store your key in an environment variable; never commit it to source control.

Authenticate requests

Pass your key in the Authorization header as a Bearer token on every request.
Authorization
string
required
Your Wraith API key in the format Bearer wraith_live_....
curl https://api.wraith.dev/agents \
  --header "Authorization: Bearer wraith_live_abc123"

Bring your own model (BYOM)

By default, agents use Wraith-managed Gemini inference. If you want to use your own OpenAI or Anthropic account instead, pass two additional headers. These are optional — omitting them falls back to the managed model.
X-AI-Provider
string
The AI provider to use. Accepted values: openai, claude, gemini.
X-AI-Key
string
Your API key for the chosen AI provider.
curl https://api.wraith.dev/agent/AGENT_ID/chat \
  --request POST \
  --header "Authorization: Bearer wraith_live_abc123" \
  --header "X-AI-Provider: openai" \
  --header "X-AI-Key: sk-..." \
  --header "Content-Type: application/json" \
  --data '{"message": "What is my balance?"}'

Authentication errors

If your key is missing or invalid, the API returns a 401 response:
401 response
{
  "message": "Invalid API key",
  "statusCode": 401
}
API keys grant full access to your agents and funds. Rotate a key immediately if it is exposed. You can generate a new key from the Wraith dashboard at any time.