Learn how to authenticate your API requests using API keys.
All API requests must be authenticated using an API key. API keys are team-scoped, meaning each key is associated with a specific team and can only access that team's data.
Include your API key in the Authorization header as a Bearer token:
```bash
curl -X GET "https://gateway.thekairos.app/v1/tasks" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"
```

When using an SDK, authentication is handled automatically:
```javascript
import { Kairos } from '@kairos-connect/sdk';

const kairos = new Kairos({
  apiKey: process.env.KAIROS_API_KEY, // Always use environment variables
});

// The SDK handles authentication automatically
const tasks = await kairos.tasks.list();
```

API keys use scopes to control access to different resources. When creating a key, select only the scopes your integration needs.
| Scope | Description |
|---|---|
| read:tasks | View tasks in your team |
| write:tasks | Create, update, and delete tasks |
| read:goals | View goals and progress |
| write:goals | Create, update, and delete goals |
| read:comments | View comments on tasks and goals |
| write:comments | Create, update, and delete comments |
| read:team | View team information and members |
| read:documents | View documents in your team |
API requests are rate limited to prevent abuse. Limits are applied per API key.
| Plan | Per Minute | Per Hour |
|---|---|---|
| Free | 20 | 200 |
| Pro | 60 | 1,000 |
| Enterprise | 300 | 5,000 |
Rate limit information is included in response headers:
Authentication errors return a 401 Unauthorized status:
```json
{
  "error": {
    "code": "unauthorized",
    "message": "Invalid or expired API key",
    "request_id": "req_abc123"
  }
}
```

| Error Code | Description |
|---|---|
| unauthorized | Missing or invalid API key |
| forbidden | API key lacks required scope |
| rate_limit_exceeded | Too many requests |
| key_expired | API key has expired |
| key_revoked | API key has been revoked |
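
An added example, not part of the Kairos documentation or SDK: one way a client can act on the error codes in the table above, retrying only `rate_limit_exceeded` and treating key and scope failures as non-retryable so a revoked or expired key is never replayed in a loop. The `send` callback, the action names and the backoff parameters are assumptions for illustration.

```javascript
// Added example (not Kairos SDK code): map the documented error codes to a client action.
// Assumption: error bodies follow the { error: { code, message, request_id } } shape above.
const POLICY = {
  unauthorized: { retry: false, action: 'check_key_config' },
  key_expired: { retry: false, action: 'rotate_key' },
  key_revoked: { retry: false, action: 'rotate_key' },
  forbidden: { retry: false, action: 'review_scopes' },
  rate_limit_exceeded: { retry: true, action: 'backoff' },
};

function classifyError(body) {
  const err = body && typeof body === 'object' ? body.error : undefined;
  const code = err && typeof err.code === 'string' ? err.code : 'unknown';
  const known = Object.prototype.hasOwnProperty.call(POLICY, code);
  // Unknown codes fail closed: never retried automatically.
  const policy = known ? POLICY[code] : { retry: false, action: 'investigate' };
  return { code, requestId: (err && err.request_id) || null, ...policy };
}

// Exponential backoff with full jitter; rand is injectable so tests are deterministic.
function backoffMs(attempt, rand = Math.random, baseMs = 1000, capMs = 60000) {
  return Math.floor(rand() * Math.min(capMs, baseMs * 2 ** attempt));
}

// Copy headers for logging with the bearer token removed.
function redactHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name] = name.toLowerCase() === 'authorization' ? 'Bearer [REDACTED]' : value;
  }
  return out;
}

// send() is a hypothetical caller-supplied function resolving to { ok, body }.
async function requestWithPolicy(send, maxAttempts = 4,
    sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms))) {
  for (let attempt = 0; ; attempt += 1) {
    const res = await send();
    if (res.ok) return res.body;
    const verdict = classifyError(res.body);
    if (!verdict.retry || attempt + 1 >= maxAttempts) {
      const failure = new Error(`Kairos API error: ${verdict.code} -> ${verdict.action}`);
      failure.verdict = verdict;
      throw failure;
    }
    await sleep(backoffMs(attempt));
  }
}
```

Log `requestId` with each failure so it can be quoted to support, and pass outgoing headers through `redactHeaders` before they reach any log sink.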