Introduction

Authentication

Learn how to authenticate requests to the Omniagent API

API keys

The Omniagent API uses API keys to authenticate requests. Every API key is scoped to an organization and a project. All resources — companions, tools, knowledge collections, and FAQ collections — live under a specific project.

All API requests must include the key in the X-Api-Key header:

X-Api-Key: <your-api-key>

If the key is missing, expired, or invalid, the server responds with 401 Unauthorized.

Your API key is a secret. Keep it private and only use it on the server side — never expose it in client-side code.

Getting an API key

For a step-by-step walkthrough with screenshots, see the Create a New API Key guide.

In short: open the dashboard, navigate to Keys, and click + Create API key. You'll choose a provider and a deployment type (Napster managed or your own custom deployment).

Using your API key

Include your key in the X-Api-Key header on every request:

curl https://companion-api.napster.com/public/companions/napster-stock \
  -H "X-Api-Key: $NAPSTER_API_KEY"

The same key works for all Omniagent API endpoints — managing companions, uploading knowledge, configuring tools, and everything else.

On this page