Skip to main content
All requests to the Lumenfall API require authentication using an API key.

Getting your API key

  1. Sign in to your Lumenfall dashboard
  2. Navigate to API Keys
  3. Click Create API Key
  4. Copy and securely store your key
API keys are only shown once when created. Store your key securely - you won’t be able to view it again.

Using your API key

Include your API key in the Authorization header of every request: 
Authorization: Bearer lmnfl_abc123.xyz789

Example request

curl https://api.lumenfall.ai/openai/v1/models \
  -H "Authorization: Bearer $LUMENFALL_API_KEY"

With OpenAI SDK

Since Lumenfall is OpenAI-compatible, configure the SDK with your Lumenfall key: 
from openai import OpenAI

client = OpenAI(
    api_key="lmnfl_abc123.xyz789",
    base_url="https://api.lumenfall.ai/openai/v1"
)

Managing API keys

From your dashboard, you can:
  • Create new API keys with unique titles
  • Revoke keys that are no longer needed or may be compromised
  • Delete revoked keys to keep your dashboard clean
  • View usage per key to track which applications are consuming your quota

Security best practices

Use environment variables or secret management tools instead of hardcoding keys in your code.
# .env file (add to .gitignore)
LUMENFALL_API_KEY=lmnfl_abc123.xyz789
API keys should never be included in browser JavaScript, mobile apps, or any code that runs on user devices. Client-side code can be inspected, and exposed keys can be stolen and abused.Instead, proxy requests through your own backend server to keep your API key secure. Alternatively, you can create a separate API key for each of your users so that you can limit their use.
Create distinct API keys for development, staging, and production. This makes it easier to rotate keys and track usage.
Regularly rotate your API keys, especially for production environments. Revoke old keys after confirming the new ones work.
If you suspect a key has been exposed, revoke it immediately from your dashboard and create a new one.