Seizn.

Authentication

Learn how to authenticate your requests to the Seizn API.

Bearer Token Authentication

All API requests require authentication using a Bearer token in the Authorization header.

bash
curl -H "Authorization: Bearer szn_your_api_key_here" \
  https://seizn.com/api/memories?query=test

Recommended: Use the Authorization: Bearer header for all new integrations.

API Key Format

Seizn API keys follow this format:

text
szn_<random_string>

Example: szn_abc123def456ghi789jkl012mno345pqr
  • Prefix szn_ identifies Seizn keys
  • 36 character random string follows the prefix
  • Keys are case-sensitive

Legacy: x-api-key HeaderDeprecated

Deprecation Notice

The x-api-key header is deprecated and will be removed on May 1, 2026. Please migrate to Authorization: Bearer.

bash
# Deprecated - do not use for new integrations
curl -H "x-api-key: szn_your_api_key_here" \
  https://seizn.com/api/memories?query=test

When using the deprecated header, the API will return these headers:

http
Deprecation: true
Sunset: 2026-05-01T00:00:00Z
Link: <https://seizn.com/docs/auth#migration>; rel="deprecation"
X-Deprecation-Notice: x-api-key header is deprecated. Use Authorization: Bearer instead.

Migration Guide

Follow these steps to migrate from x-api-key to Authorization: Bearer:

1

Update Header Name

Change the header from x-api-key to Authorization.

2

Add Bearer Prefix

Prepend Bearer (with a space) to your API key.

3

Test Your Integration

Verify your requests work with the new header format.

Before (Deprecated)

bash
curl -H "x-api-key: szn_xxx" ...

After (Recommended)

bash
curl -H "Authorization: Bearer szn_xxx" ...

SDK Authentication

Python

python
from seizn import Seizn

# API key from environment variable (recommended)
client = Seizn()

# Or pass explicitly
client = Seizn(api_key="szn_xxx")

JavaScript

javascript
import { Seizn } from 'seizn';

// API key from environment variable (recommended)
const client = new Seizn();

// Or pass explicitly
const client = new Seizn({ apiKey: 'szn_xxx' });

Security Best Practices

  • Never expose keys in client-side code

    API keys should only be used server-side. Use a backend proxy for browser applications.

  • Use environment variables

    Store API keys in environment variables, not in source code.

  • Rotate keys regularly

    Generate new keys periodically and revoke old ones from the dashboard.

  • Set key expiration

    Configure auto-expiration for keys (90 days recommended).

Authentication Errors

Error CodeStatusDescription
AUTH_MISSING_KEY401No API key provided
AUTH_INVALID_KEY401Invalid or inactive API key
AUTH_EXPIRED_KEY401API key has expired
Back to DocsSecurity & Governance