Documentation

Authentication

Every request is authenticated with an API key (prefix sk_). Keys are scoped to your account, stored only as a hash, and revocable at any time.

1. Get a key

Sign in with Google or GitHub, open Account → API keys, and click Create new key. The plaintext is shown once — copy it immediately. Save it as an env var:

export SONIQO_API_KEY=sk_...

2. Send the key

Two header forms are accepted and fully interchangeable. Use Bearer when you point an OpenAI or ElevenLabs SDK at Soniqo (their clients only send Authorization); use X-Api-Key for your own server-to-server calls.

Authorization: Bearer

curl https://api.soniqo.audio/v1/voices \
  -H "Authorization: Bearer $SONIQO_API_KEY"

X-Api-Key

curl https://api.soniqo.audio/v1/voices \
  -H "X-Api-Key: $SONIQO_API_KEY"

Because the Bearer form is accepted, the official OpenAI and ElevenLabs SDKs authenticate with no change beyond the base URL:

from openai import OpenAI

client = OpenAI(
    base_url="https://api.soniqo.audio/v1",
    api_key="sk_...",   # sent as Authorization: Bearer
)

3. Manage keys

Create and revoke keys in the console. Revoking a key takes effect immediately. Rotate keys periodically and use a separate key per service so you can revoke one without disrupting the others. Keep keys server-side — never embed them in a browser or mobile client.

4. Rate limits

The default soft limit is 1,000 requests/minute per IP. Over the limit returns 429 Too Many Requests; back off and retry. Synthesis and transcription throughput is also bounded by your plan’s concurrency — higher quotas are available on paid plans and via support.

5. Errors

Errors return a JSON body { "error": "…" } with a standard status code:

  • 400 — malformed request (bad JSON, wrong audio format, missing field).
  • 401 — missing or invalid API key.
  • 402 — out of credits; top up in the console.
  • 404 — unknown id (job, voice, or resource).
  • 429 — rate limited; back off and retry.
  • 503 — transient backend unavailability; retry with backoff.