Authentication
The Kontext API uses API keys for authentication. Each key is scoped to an organization and grants access to all products within it.
Generating an API key
- Go to Organization Settings → API Keys
- Click Create API Key
- Give it a descriptive name (e.g., “CI Pipeline”, “Data Export Script”)
- Optionally set an expiry date — the key will stop working after this date
- Copy the key — it won’t be shown again
Set an expiry date on every key. Short-lived keys limit the blast radius if a key is leaked. You can always create a new one when the old one expires.
Using your API key
Pass the key in the Authorization header with a Bearer prefix:
```bash
curl -H "Authorization: Bearer kx_your_api_key_here" \
  https://app.getkontext.io/api/v1/products
```
Rate limiting
API requests are rate-limited per organization:
| Tier | Limit |
|---|---|
| Standard | 100 requests/minute |
Rate limit headers are included in every response:
```
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 97
X-RateLimit-Reset: 1711900000
```
When rate-limited, the API returns 429 Too Many Requests.
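A client that keeps the key out of source code and honors the rate-limit headers could look like the following. This is an added example, not Kontext's own code: the `KONTEXT_API_KEY` variable name and the function names are hypothetical, and it assumes `X-RateLimit-Reset` is a Unix timestamp in seconds.

```python
import os
import time
import urllib.error
import urllib.request

BASE_URL = "https://app.getkontext.io/api/v1"  # base URL shown on this page
KEY_ENV_VAR = "KONTEXT_API_KEY"                # assumed name, not defined by Kontext


def build_request(path, env=os.environ):
    """Build an authenticated request; the key comes from the environment only."""
    key = env.get(KEY_ENV_VAR, "").strip()
    if not key:
        raise RuntimeError(f"{KEY_ENV_VAR} is not set")  # never echo the key itself
    return urllib.request.Request(
        f"{BASE_URL}/{path.lstrip('/')}",
        headers={"Authorization": f"Bearer {key}"},
    )


def wait_seconds(headers, now, exhausted=False, cap=120):
    """Seconds to pause before the next call, derived from the rate-limit headers.

    Assumes X-RateLimit-Reset is a Unix timestamp in seconds (labelled assumption).
    """
    try:
        remaining = int(headers.get("X-RateLimit-Remaining", "1"))
        reset = int(headers.get("X-RateLimit-Reset", "0"))
    except (TypeError, ValueError):
        return cap  # unparseable headers: back off conservatively
    if remaining > 0 and not exhausted:
        return 0
    return max(1, min(cap, reset - int(now)))  # clamp stale or far-future resets


def get(path, max_attempts=3):
    """GET a resource, pausing and retrying when the API answers 429."""
    for _ in range(max_attempts):
        try:
            with urllib.request.urlopen(build_request(path), timeout=10) as resp:
                return resp.read()
        except urllib.error.HTTPError as err:
            if err.code != 429:
                raise
            # A 429 means the quota is spent even if Remaining is missing.
            time.sleep(wait_seconds(err.headers, time.time(), exhausted=True))
    raise RuntimeError("still rate-limited after retries")
```

Calling `get("products")` with the variable exported in the shell or injected by the CI secret store keeps the key out of the repository and out of the script.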
Security
- API keys are hashed at rest — Kontext cannot retrieve your key after creation
- Rotate keys regularly and revoke any that may be compromised
- Never commit API keys to source control