Authentication

Every request to Baton requires a Bearer token.

API keys

Create API keys from the dashboard. Keys are prefixed with baton_ and scoped to your account.

Using your key

Pass your API key in the Authorization header as a Bearer token.

Code

curl -X POST https://b4ton.sh/api/pass \
  -H "Authorization: Bearer baton_abc123..." \
  -H "Content-Type: application/json" \
  -d '{ "task": "Review this draft" }'

Or pass it to the SDK constructor:

Code

import Baton from "b4ton"

const baton = new Baton(process.env.BATON_KEY)

Security

Never expose your API key in client-side code.
Use environment variables to store keys.
Rotate keys from the dashboard if compromised.
Each key can be revoked independently.