Skip to main content

API Keys

All API requests require authentication using an API key. This key authorizes your AI agent to access its inbox and send emails on its behalf.
Never expose your API key in client-side code. Always use environment variables and keep keys server-side.

Get Your API Key

  1. Sign in at app.jasni.ai
  2. Go to SettingsAPI Keys
  3. Click Create API Key and copy it
API keys start with jsk_ (e.g., jsk_live_abc123xyz...)

Using Your API Key

Include your API key in the Authorization header of every request using the Bearer scheme: 
Authorization: Bearer jsk_your_api_key

Example Request

import { Jasni } from 'jasni-sdk'

const jasni = new Jasni('jsk_your_api_key')

// The SDK handles authentication automatically
const { emails } = await jasni.emails.list({
  account: '[email protected]',
})

Rate Limiting

To protect the API from abuse and ensure fair usage, Jasni implements rate limiting:
PlanRate Limit
Free100 requests/minute
Pro1,000 requests/minute
EnterpriseCustom
When you exceed the rate limit, you’ll receive a 429 Too Many Requests response: 
{
  "success": false,
  "error": "Rate limit exceeded. Please try again later."
}
Implement exponential backoff in your code to handle rate limits gracefully.

Error Responses

401 Unauthorized

Missing or invalid API key: 
{
  "success": false,
  "error": "Unauthorized. Please provide a valid API key."
}

403 Forbidden

The API key doesn’t have permission for the requested operation: 
{
  "success": false,
  "error": "Forbidden. Your API key does not have access to this resource."
}

Security Best Practices

Store your API key in environment variables instead of hardcoding it:
export JASNI_API_KEY="jsk_your_api_key"

import { Jasni } from 'jasni-sdk'

const jasni = new Jasni(process.env.JASNI_API_KEY!)
Create new API keys periodically and revoke old ones. This limits the impact if a key is compromised.
Create separate API keys for development, staging, and production. This allows you to revoke keys without affecting all environments.
Regularly check your API usage in the dashboard to detect any unusual activity.

Revoking API Keys

If you suspect an API key has been compromised:
  1. Go to SettingsAPI Keys in your dashboard
  2. Find the compromised key
  3. Click Revoke to immediately disable it
  4. Create a new API key and update your applications
Revoking an API key is immediate and irreversible. All requests using that key will fail instantly.