Overview All Dataframer API requests require authentication using an API key. This guide explains how to obtain your API key and use it to authenticate your requests.
Getting Your API Key Via Web Interface
Log in to your Dataframer account at https://app.aimon.ai
Navigate to the Account tab
Find the API Key section
Click Copy to copy your API key
Keep your API key secure. Do not commit it to version control or share it publicly.
Via API If you’re already logged in and have a JWT token, you can retrieve your API key programmatically:
curl -X GET 'https://df-api.dataframer.ai/api/users/api-key/' \ -H 'Authorization: Bearer YOUR_JWT_TOKEN' Response: { "api_key" : "sk_live_1234567890abcdefghijklmnopqrstuvwxyz" } Using Your API Key Include your API key in the Authorization header of all API requests:
Authorization: Bearer YOUR_API_KEY Example Request curl -X GET 'https://df-api.dataframer.ai/api/dataframer/datasets/' \ -H 'Authorization: Bearer sk_live_1234567890abcdefghijklmnopqrstuvwxyz' Dataframer API keys follow this format:
Prefix : sk_live_ for production keysLength : 40+ charactersCharacters : Alphanumeric string
Example: sk_live_1234567890abcdefghijklmnopqrstuvwxyz
Best Practices
Never commit API keys to version control
Use environment variables for key storage
Rotate keys regularly
Use different keys for different environments
Store keys in environment variables: Linux/macOS: export DATAFRAMER_API_KEY = "sk_live_your_key_here" Windows: $ env: DATAFRAMER_API_KEY = "sk_live_your_key_here" Use in code: import os api_key = os.environ.get( 'DATAFRAMER_API_KEY' )
Create a .env file (add to .gitignore): DATAFRAMER_API_KEY=sk_live_your_key_here DATAFRAMER_API_URL=https://df-api.dataframer.ai Load in Python: from dotenv import load_dotenv load_dotenv() api_key = os.getenv( 'DATAFRAMER_API_KEY' )
Regularly rotate your API keys:
Generate a new API key
Update applications with new key
Test that new key works
Revoke old key
Monitor for any issues
Code Examples Python import requests import os API_KEY = os.environ.get( 'DATAFRAMER_API_KEY' ) BASE_URL = 'https://df-api.dataframer.ai/api/dataframer' headers = { 'Authorization' : f 'Bearer { API_KEY } ' , 'Content-Type' : 'application/json' } # Make authenticated request response = requests.get( f ' { BASE_URL } /datasets/' , headers = headers) datasets = response.json() print ( f "Found { len (datasets) } datasets" ) Node.js const axios = require ( 'axios' ); const API_KEY = process . env . DATAFRAMER_API_KEY ; const BASE_URL = 'https://df-api.dataframer.ai/api/dataframer' ; const headers = { 'Authorization' : `Bearer ${ API_KEY } ` , 'Content-Type' : 'application/json' }; // Make authenticated request async function getDatasets () { const response = await axios . get ( ` ${ BASE_URL } /datasets/` , { headers }); console . log ( `Found ${ response . data . length } datasets` ); } getDatasets (); cURL # Store key in variable export API_KEY = "sk_live_your_key_here" # Use in requests curl -X GET 'https://df-api.dataframer.ai/api/dataframer/datasets/' \ -H "Authorization: Bearer $API_KEY " package main import ( " fmt " " net/http " " os " ) func main () { apiKey := os . Getenv ( "DATAFRAMER_API_KEY" ) baseURL := "https://df-api.dataframer.ai/api/dataframer" req , _ := http . NewRequest ( "GET" , baseURL + "/datasets/" , nil ) req . Header . Set ( "Authorization" , "Bearer " + apiKey ) req . Header . Set ( "Content-Type" , "application/json" ) client := & http . Client {} resp , err := client . Do ( req ) if err != nil { panic ( err ) } defer resp . Body . Close () fmt . Println ( "Status:" , resp . Status ) } Authentication Errors 401 Unauthorized Error: { "detail" : "Authentication credentials were not provided." } Causes:
Missing Authorization header
Missing API key
Incorrect header format
Solution: # Correct format Authorization: Bearer YOUR_API_KEY # Incorrect formats (don't use these) Authorization: YOUR_API_KEY Bearer YOUR_API_KEY Authorization: Token YOUR_API_KEY 403 Forbidden Error: { "detail" : "Invalid or expired API key." } Causes:
API key is invalid
API key has been revoked
API key has expired
Account is suspended
Solution:
Verify API key is correct
Generate a new API key
Check account status
Contact support if issues persist
Rate Limiting Error: { "detail" : "Rate limit exceeded. Try again in 60 seconds." } Current Limits:
100 requests per minute per API key
1000 requests per hour per API key
Solution:
Implement exponential backoff
Cache responses when possible
Contact support for higher limits
Security Considerations Never expose API keys in client-side code, public repositories, or logs.
What NOT to Do ❌ Commit keys to Git:
// DON'T DO THIS const API_KEY = 'sk_live_1234567890abcdefghijklmnopqrstuvwxyz' ; ❌ Log keys:
# DON'T DO THIS print ( f "Using API key: { api_key } " ) ❌ Share keys in screenshots or documentation:
# DON'T DO THIS curl -H "Authorization: Bearer sk_live_actual_real_key" ... What TO Do ✅ Use environment variables:
api_key = os.environ.get( 'DATAFRAMER_API_KEY' ) ✅ Use secrets management:
# AWS Secrets Manager, HashiCorp Vault, etc. api_key = secrets_manager.get_secret( 'dataframer_api_key' ) ✅ Restrict key access:
Only give keys to services that need them
Use separate keys for different environments
Rotate keys regularly
Local Development For local development with Docker Compose, API keys are stored in .env.*.local files which are pulled from AWS Secrets Manager during setup.
Location: dataframer-in-box/.env.ui-backend.local Never commit these files: # Add to .gitignore .env*.local *.env.local Testing Authentication Test that your API key works:
curl -X GET 'https://df-api.dataframer.ai/api/users/me/' \ -H 'Authorization: Bearer YOUR_API_KEY' Success Response: { "id" : "user_123" , "email" : "[email protected] " , "company" : "Acme Corp" , "role" : "developer" } Next Steps 
