Authentication

Authentication methods for the thinnestAI API.

Authentication

thinnestAI supports two authentication methods depending on your use case.

1. Auth0 JWT — Dashboard & Management

Used by the dashboard frontend and management API endpoints (creating agents, managing knowledge, etc.). Tokens are obtained via the Auth0 login flow.

curl https://api.thinnest.ai/v1/agents \
  -H "Authorization: Bearer YOUR_AUTH0_JWT"

2. Agent API Keys — External Chat

For external integrations where end users chat with your agents. API keys are scoped to a single agent and can only be used for the Chat endpoint.

curl -X POST https://api.thinnest.ai/v1/agents/ag_c47e7c97_b2f2/chat \
  -H "Authorization: Bearer ak_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"message": "Hello"}'

Key Formats

TypePrefixExampleUsed For
Agent API Keyak_ak_a1b2c3d4e5f6g7h8External chat with agents
Platform API Keythns_sk_thns_sk_abc123xyzPlatform-level access
Agent IDag_ag_c47e7c97_b2f2Identifying agents

Error Responses

CodeDescription
401Missing or invalid token/key
403Valid auth but insufficient permissions
429Rate limit exceeded
{
  "detail": "Invalid or expired authentication token"
}

Rate Limits

Auth TypeLimit
Auth0 JWT200 requests/minute
Agent API Key60 requests/minute per key

Get Configured Providers

Get list of BYOK providers with keys configured

On this page

Authentication1. Auth0 JWT — Dashboard & Management2. Agent API Keys — External ChatKey FormatsError ResponsesRate Limits