Authentication
The SDK supports three authentication modes. Each one returns a configured TouAI client instance.
Supported Modes
from touai import TouAI
client = TouAI(
access_key_id="ak_live_...",
secret_key="sk_live_...",
)
# Or rely on environment variables:
# export TOUAI_ACCESS_KEY_ID=ak_live_...
# export TOUAI_SECRET_KEY=sk_live_...
client = TouAI()Recommended Usage
| Mode | Best For | Notes |
|---|---|---|
| API Key | agents, scripts, CI/CD | Best default for headless workflows |
| Email / Password | interactive setup flows | Useful when you need JWT-only features first |
| Existing JWT | frontend-assisted auth | Reuse tokens issued elsewhere |
Managing API Keys
API keys are scoped to a billing context. Switch context before creating or rotating organization-scoped keys.
from touai import TouAI
jwt_client = TouAI.from_credentials(email="you@example.com", password="...")
# Personal key
key = jwt_client.api_keys.create()
print(key.access_key_id, key.secret_key)
# Organization key
jwt_client.auth.switch_context(organization_id="org-uuid")
org_key = jwt_client.api_keys.create()| Method | Return Type | Description |
|---|---|---|
api_keys.get() | ApiKey | Metadata for the current context key |
api_keys.create() | ApiKeyCreated | Create a new key and return the secret once |
api_keys.rotate() | ApiKeyRotated | Rotate the key and invalidate the old secret |
api_keys.revoke() | None | Revoke the current key |
api_keys.validate() | ApiKeyValidation | Validate the configured key |
API key secrets are only returned once when created or rotated. Store them immediately in your secret manager.