Authentication and Rate Limits

Every request to access the Haiku Enterprise API must include a valid API key in the request headers. This ensures secure and authenticated interactions with the API.

How to Get an API Key

1. Contact [email protected] to request an API key

2. Complete the integration questionnaire to verify usage requirements

3. Receive both production and sandbox API keys.

Using your API key

Once you have your API key, include it in every request as a bearer token in the api-key header.

api-key: <YOUR_API_KEY>

🚨 Your Security is Important

• Never expose your API key in client-side applications

• Store API keys securely in backend services or environment variables

• If an API key is compromised, revoke it immediately and request a new one.

Future enhancements

• OAuth-based authentication (coming soon)

• Role-based access control for different API functions

To ensure fair usage and maintain system performance, the Haiku Enterprise API enforces the following rate limits

Current rate limits

If the rate limit is exceeded, the AI will return a 429 - Too Many Requests error.

Rate Limit Best Practices

Follow these guidelines to avoid hitting rate limits:

1. Use caching: reduce redundant API calls by caching responses where possible.

2. Implement exponential backoff: when receiving 429 - Too Many Requests, wait and retry with increasing intervals.