Authentication

PRYSM authenticates with a bearer API key over HTTPS. The same key works for the REST API, the SDKs, the CLI, and the MCP server.

API keys

PRYSM keys are prefixed prysm_sk_ (secret key). Create one at prysm1.com.

Your secret key grants full access to your account and is billable. Never commit it to source control, embed it in client-side code, or paste it into a browser. If a key leaks, rotate it from your dashboard immediately.

The base URL

All API requests go to:

https://api.prysm1.com/v1

This base URL already includes the /v1 version segment — point your OpenAI client at it and the SDK appends paths like /chat/completions automatically.

Sending the key

Pass the key in the Authorization header as a bearer token:

Authorization: Bearer prysm_sk_your_key

from prysm import Prysm

# Reads PRYSM_API_KEY and PRYSM_BASE_URL from the environment:
client = Prysm()

# ...or pass them explicitly:
client = Prysm(api_key="prysm_sk_your_key", base_url="https://api.prysm1.com/v1")

Environment variables

The SDKs and CLI resolve configuration from the environment, so you never have to hard-code credentials.

Variable	Used for	Default
`PRYSM_API_KEY`	Your `prysm_sk_*` secret key.	—
`PRYSM_BASE_URL`	API base URL (override for self-hosted).	`https://api.prysm1.com/v1`

export PRYSM_API_KEY="prysm_sk_your_key"
# Optional — only if you self-host or target a non-default region:
export PRYSM_BASE_URL="https://api.prysm1.com/v1"

For drop-in migrations, the Python and Node SDKs also fall back to OPENAI_API_KEY if PRYSM_API_KEY is not set — so pointing existing code at PRYSM can be a one-line base-URL change.

Which endpoints require a key

Endpoint	Auth required
`POST /v1/chat/completions`	Yes
`POST /v1/route`	Yes
`GET /v1/usage`	Yes
`GET /v1/models`	No
`POST /v1/brain/validate`	No
`GET /v1/proof/{request_id}`	No
`GET /health`	No

Rate limits

Each key has a per-minute request limit tied to your plan. Exceeding it returns 429 rate_limit_exceeded with a message describing your limit. Back off and retry, or upgrade your plan for a higher ceiling.

Authentication errors

401 — invalid_api_key

The key is missing, malformed, or revoked. Check the Authorization header is present and formatted as Bearer prysm_sk_....

{ "detail": { "error": "invalid_api_key", "message": "Invalid or missing PRYSM API key." } }

429 — rate_limit_exceeded

You’ve exceeded your per-minute request limit. Retry after the current minute, or upgrade your plan.

{ "detail": { "error": "rate_limit_exceeded", "message": "Limit: 60 requests/min." } }

Next: send your first request in the Quickstart, or browse the full API reference.

​API keys

​The base URL

​Sending the key

​Environment variables

​Which endpoints require a key

​Rate limits

​Authentication errors

API keys

The base URL

Sending the key

Environment variables

Which endpoints require a key

Rate limits

Authentication errors