Authentication

Secure API access using API keys.

API Key

Most Om API routes require your API key in the `x-api-key` header. The public exception is `GET /v2/health`, which is useful for unauthenticated smoke checks. Rotate keys regularly and keep them out of source control.

Required headerBash
curl https://api.omtx.ai/v2/datasets/catalog \
  -H "x-api-key: YOUR_API_KEY_HERE"
Public health checkBash
curl https://api.omtx.ai/v2/health

Best practices

  • Keep keys in environment variables or a secrets manager.
  • Rotate keys regularly and revoke unused ones.
  • Use unique keys per environment.