Skip to main content
Every request to the Andi AI Search API must include an API key in the x-api-key header.

Getting an API key

  1. Sign in to the API Console
  2. Go to API Keys
  3. Click Create Key
  4. Copy the key — it’s only shown once

Setting up your environment

Store your API key as an environment variable rather than hardcoding it in your code.
Create a .env file in your project root:
ANDI_API_KEY=your-api-key
Load it in your code:
# Python (with python-dotenv)
from dotenv import load_dotenv
load_dotenv()

import os
api_key = os.environ["ANDI_API_KEY"]

// JavaScript (with dotenv)
import "dotenv/config";

const apiKey = process.env.ANDI_API_KEY;
Or export directly in your shell:
export ANDI_API_KEY="your-api-key"
Pass the key as an environment variable:
docker run -e ANDI_API_KEY=your-api-key your-image
Or use an env file:
docker run --env-file .env your-image
Add ANDI_API_KEY as a repository secret, then reference it in your workflow:
steps:
  - name: Run search
    env:
      ANDI_API_KEY: ${{ secrets.ANDI_API_KEY }}
    run: ./search-script.sh
Add ANDI_API_KEY in your project’s environment variables settings. These are automatically available as process.env.ANDI_API_KEY in your server-side code.

Managing keys

The API Console lets you:
  • Create multiple keys for different applications or environments
  • Rename keys to identify their purpose
  • Enable/disable keys without deleting them
  • Revoke keys that are no longer needed
Each key tracks its own usage. You can monitor request counts and credit consumption per key in the console.
Use separate API keys for development and production. This makes it easy to rotate keys, track usage per environment, and revoke a compromised key without affecting other environments.

Security practices

Treat API keys like passwords. Never commit them to version control or expose them in client-side code.
  • Store keys in environment variables or a secrets manager
  • Use separate keys for development and production
  • Rotate keys periodically
  • Revoke keys immediately if compromised
  • Restrict key access to team members who need it
  • Add .env to your .gitignore

Next steps

Fast search

Make your first search request.

Error handling

Handle authentication errors and other failures.