Skip to main content

Overview

Steer AI uses API key-based authentication to secure access to our services. All API requests must include a valid API key in the request headers.

Getting Your API Keys

1. Access Your Dashboard

  1. Log in to your Steer AI Dashboard
  2. Navigate to SettingsAPI Keys
  3. Click Generate New API Key

2. API Key Types

Development Keys

• For testing and development • Limited rate limits • Sandbox environment access • Free tier available

Production Keys

• For live applications • Full rate limits • Production environment access • Requires paid plan

Authentication Methods

HTTP Header Authentication

Include your API key in the Authorization header: 
curl -X GET "https://api.steerai.autos/v1/inspections" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

Query Parameter Authentication

Alternatively, include the API key as a query parameter: 
curl -X GET "https://api.steerai.autos/v1/inspections?api_key=YOUR_API_KEY"
Security Note: Header authentication is recommended over query parameters to prevent API keys from appearing in server logs.

Environment Configuration

Development Environment

# .env file
STEER_AI_API_KEY=dev_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
STEER_AI_BASE_URL=https://api-sandbox.steerai.autos/v1

Production Environment

# .env file
STEER_AI_API_KEY=prod_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
STEER_AI_BASE_URL=https://api.steerai.autos/v1

SDK Authentication

Python SDK

from steer_ai import SteerAI

# Initialize client
client = SteerAI(api_key="YOUR_API_KEY")

# Or using environment variable
import os
client = SteerAI(api_key=os.getenv("STEER_AI_API_KEY"))

JavaScript SDK

import { SteerAI } from '@steerai/sdk';

// Initialize client
const client = new SteerAI({
  apiKey: 'YOUR_API_KEY'
});

// Or using environment variable
const client = new SteerAI({
  apiKey: process.env.STEER_AI_API_KEY
});

Testing Your Authentication

Quick Test

Use this endpoint to verify your authentication is working: 
curl -X GET "https://api.steerai.autos/v1/auth/test" \
  -H "Authorization: Bearer YOUR_API_KEY"
Expected Response: 
{
  "status": "success",
  "message": "Authentication successful",
  "account": {
    "id": "acc_1234567890",
    "name": "Your Company Name",
    "plan": "professional"
  }
}

Security Best Practices

• Store API keys in environment variables, never in code • Use different keys for development and production • Rotate keys regularly (recommended: every 90 days) • Immediately revoke compromised keys
• Always use HTTPS for API requests • Implement proper SSL certificate validation • Use IP whitelisting when possible • Monitor API usage for unusual patterns
• Limit API key permissions to minimum required • Use separate keys for different services • Implement proper error handling • Log authentication failures for monitoring

Rate Limiting

API keys have different rate limits based on your plan:
PlanRequests/HourConcurrent Requests
Free1,0005
Starter10,00020
Professional100,000100
EnterpriseUnlimitedCustom

Error Handling

Common Authentication Errors

{
  "error": {
    "code": "INVALID_API_KEY",
    "message": "The provided API key is invalid",
    "type": "authentication_error"
  }
}

{
  "error": {
    "code": "RATE_LIMIT_EXCEEDED",
    "message": "Rate limit exceeded. Try again in 60 seconds",
    "type": "rate_limit_error",
    "retry_after": 60
  }
}

Handling Authentication Errors

try:
    response = client.inspections.create(data)
except SteerAIAuthenticationError as e:
    # Handle authentication error
    print(f"Authentication failed: {e.message}")
except SteerAIRateLimitError as e:
    # Handle rate limit
    print(f"Rate limit exceeded. Retry after {e.retry_after} seconds")

Troubleshooting

API Key Not Working

  1. Verify the key format: Should start with dev_ or prod_
  2. Check environment: Ensure you’re using the correct base URL
  3. Confirm plan status: Verify your account is active
  4. Test with curl: Use the test endpoint above

Permission Denied

  1. Check key permissions: Ensure the key has required scopes
  2. Verify plan limits: Confirm you haven’t exceeded usage limits
  3. Review IP restrictions: Check if IP whitelisting is configured
Need help with authentication? Contact our support team at support@steerai.autos with your account ID (never share your API keys).