Authentication
Every request is authenticated with an API key (prefix sk_). Keys are scoped to your account, stored only as a hash, and revocable at any time.
1. Get a key
Sign in with Google or GitHub, open Account → API keys, and click Create new key. The plaintext is shown once — copy it immediately. Save it as an env var:
export SONIQO_API_KEY=sk_...2. Send the key
Two header forms are accepted and fully interchangeable. Use Bearer when you point an OpenAI or ElevenLabs SDK at Soniqo (their clients only send Authorization); use X-Api-Key for your own server-to-server calls.
Authorization: Bearer
curl https://api.soniqo.audio/v1/voices \
-H "Authorization: Bearer $SONIQO_API_KEY"X-Api-Key
curl https://api.soniqo.audio/v1/voices \
-H "X-Api-Key: $SONIQO_API_KEY"Because the Bearer form is accepted, the official OpenAI and ElevenLabs SDKs authenticate with no change beyond the base URL:
from openai import OpenAI
client = OpenAI(
base_url="https://api.soniqo.audio/v1",
api_key="sk_...", # sent as Authorization: Bearer
)3. Manage keys
Create and revoke keys in the console. Revoking a key takes effect immediately. Rotate keys periodically and use a separate key per service so you can revoke one without disrupting the others. Keep keys server-side — never embed them in a browser or mobile client.
4. Rate limits
The default soft limit is 1,000 requests/minute per IP. Over the limit returns 429 Too Many Requests; back off and retry. Synthesis and transcription throughput is also bounded by your plan’s concurrency — higher quotas are available on paid plans and via support.
5. Errors
Errors return a JSON body { "error": "…" } with a standard status code:
400— malformed request (bad JSON, wrong audio format, missing field).401— missing or invalid API key.402— out of credits; top up in the console.404— unknown id (job, voice, or resource).429— rate limited; back off and retry.503— transient backend unavailability; retry with backoff.
