All /v1/* endpoints require authentication. ARouter supports four methods: three
API-key-based methods for every major LLM SDK, plus wallet-based authentication
for AI agents with crypto wallets.
Auth Methods
Bearer Token

Used by the OpenAI SDK, DeepSeek SDK, Mistral SDK, and most OpenAI-compatible clients.

```text
Authorization: Bearer lr_live_xxxx
```

```python
from openai import OpenAI

client = OpenAI(
    base_url="https://api.arouter.ai/v1",
    api_key="lr_live_xxxx",  # sent as Bearer token
)
```

Query Parameter

Used by the Google Gemini SDK.

```text
GET /v1beta/models?key=lr_live_xxxx
```

```python
import google.generativeai as genai

genai.configure(
    api_key="lr_live_xxxx",  # sent as ?key= param
    transport="rest",
    client_options={"api_endpoint": "https://api.arouter.ai"},
)
```

Wallet JWT (SIWx)

Used by AI agents with crypto wallets (EVM or Solana). Wallets authenticate
with SIGN-IN-WITH-X and then use a wallet JWT as the Bearer token.

```text
Authorization: Bearer eyJhbGciOiJIUzI1NiIs...
```

Wallet JWTs are obtained from POST /v1/x402/auth via SIWx, or from the
first successful x402 payment response.

See the x402 Payments Guide for the full wallet flow.
The first three methods use the same ARouter API key. The gateway automatically detects
which method is being used. Wallet users follow a separate path: SIWx/x402 produce a
wallet JWT, and subsequent requests use Authorization: Bearer <jwt>.
Key Types
| Key Type | Format | Description |
|---|---|---|
| Management Key | lr_mgmt_xxxx | Create and manage API keys via the management API. |
| API Key | lr_live_xxxx | Make LLM requests. Can have provider/model restrictions and spending limits. |
Management keys create API keys that can only narrow permissions — never expand beyond the tenant’s scope.
See the Key Management Guide for details.
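
An added example, not ARouter's own code: the same key can travel in an `Authorization` header or in a `?key=` query string, and request URLs are routinely written to access logs, so this filter redacts ARouter credentials from log lines before they are stored. The key-body character set, the sample lines and the `AROUTER_KEY` name are assumptions constructed for illustration.

```python
import re

# Assumption: the page shows only the prefixes (lr_live_, lr_mgmt_); the key
# body is assumed here to be URL-safe characters.
_KEY = re.compile(r"\blr_(live|mgmt)_[A-Za-z0-9_-]+")
# Wallet JWT: three base64url segments; a JSON header encodes to "eyJ...".
_JWT = re.compile(r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")
# Value of a ?key= / &key= query parameter, whatever its format.
_QUERY_KEY = re.compile(r"([?&]key=)[^&\s\"']+")

# Constructed sample lines (not real logs or real keys).
SAMPLE_LOG = [
    'GET /v1beta/models?key=lr_live_EXAMPLEonly123 HTTP/1.1" 200',
    "POST /v1/chat/completions Authorization: Bearer lr_live_EXAMPLEonly123",
    "POST /v1/chat/completions Authorization: Bearer "
    "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ3In0.c2ln",
    "deploy.env: AROUTER_KEY=lr_mgmt_EXAMPLEonly456",
]


def credential_kinds(line: str) -> set[str]:
    """Report which credential types a line contains (run before redacting)."""
    kinds = {f"{m.group(1)}_key" for m in _KEY.finditer(line)}
    if _JWT.search(line):
        kinds.add("wallet_jwt")
    return kinds


def redact(line: str) -> str:
    """Replace credentials with placeholders, keeping the key type visible."""
    line = _QUERY_KEY.sub(r"\1[REDACTED]", line)
    line = _KEY.sub(lambda m: f"lr_{m.group(1)}_[REDACTED]", line)
    return _JWT.sub("[REDACTED_JWT]", line)


if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(sorted(credential_kinds(entry)), "->", redact(entry))
```

A `mgmt_key` hit from `credential_kinds` is worth alerting on separately, since management keys create API keys rather than make LLM requests.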
Error Responses
When authentication fails, you’ll receive one of these responses:
```json
// Missing or malformed key
{
  "error": {
    "message": "missing or invalid Authorization header",
    "type": "authentication_error"
  }
}

// Invalid key
{
  "error": {
    "message": "invalid api key",
    "type": "authentication_error"
  }
}
```
Both return HTTP 401 Unauthorized.