Authentication
Every request to the VoiceLab360 API must include a valid API key in theAuthorization header using the Bearer scheme.
vl360_test_. Production keys are prefixed vl360_live_.
Security requirements
- Never expose your API key in client-side code, browser JavaScript, or public repositories
- Store keys in environment variables or a secrets manager
- Rotate keys immediately if they are compromised
- Use one key per environment — never share a production key across projects
Error responses
A missing or invalid key returns HTTP401 with error code UNAUTHORIZED. A revoked key returns HTTP 403 with error code FORBIDDEN.
See Errors for the full error reference.