Skip to main content
Every request to OpenOpen8 must include a token to identify your account and authorize access. You create tokens in the dashboard, and the same token works across all endpoint formats — OpenAI, Anthropic Claude, and Google Gemini. The only difference is which header you use to send it.

Get your token

1

Open the dashboard

Navigate to OpenOpen8 in a browser, for example https://openopen8.ai.
2

Go to Tokens

Click Tokens in the sidebar.
3

Create a token

Click Add Token, give it a name, configure any model restrictions or quota limits, then click Submit.
4

Copy the token

Copy the token value shown. OpenOpen8 only displays the full token once, so save it somewhere secure.

Authentication styles

OpenOpen8 supports three authentication styles to match the native format of each API family. All three use the same token value — only the header name changes.

OpenAI-compatible (most endpoints)

Pass your token as a Bearer token in the Authorization header. Use this style with all standard endpoints. Applies to: POST /v1/chat/completions, POST /v1/completions, POST /v1/responses, POST /v1/embeddings, POST /v1/audio/*, POST /v1/images/*, POST /v1/rerank, GET /v1/realtime, GET /v1/models 
curl https://openopen8.ai/v1/chat/completions \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4o",
    "messages": [{"role": "user", "content": "Hello"}]
  }'

Anthropic Claude

Pass your token in the x-api-key header and include the anthropic-version header. OpenOpen8 uses these headers to identify requests that should be handled in Claude Messages format. Applies to: POST /v1/messages 
curl https://openopen8.ai/v1/messages \
  -H "x-api-key: YOUR_TOKEN" \
  -H "anthropic-version: 2023-06-01" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "claude-3-5-sonnet-20241022",
    "max_tokens": 1024,
    "messages": [{"role": "user", "content": "Hello"}]
  }'

Google Gemini

Pass your token in the x-goog-api-key header, or as a key query parameter. Both are equivalent. Applies to: POST /v1beta/models/{model}:generateContent 
curl "https://openopen8.ai/v1beta/models/gemini-2.0-flash:generateContent" \
  -H "x-goog-api-key: YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "contents": [{"parts": [{"text": "Hello"}]}]
  }'

Authentication errors

CodeCauseFix
401 UnauthorizedToken is missing, malformed, or has been deleted.Check that you are sending the correct header and that the token value is complete.
403 ForbiddenToken exists but does not have access to the requested model.In the dashboard, edit the token and check its allowed models list.

Security

Never include your token in client-side code, browser JavaScript, or public repositories. If a token is exposed, delete it immediately in the dashboard and create a new one.
Store tokens in environment variables or a secrets manager, and pass them to your application at runtime. On the server side, treat your OpenOpen8 token with the same care as any other API credential.