
Authentication

The Kathan API requires both a Bearer token and an X-User-ID header for secure access to all endpoints except health checks.

Bearer Token Format

Include your API key and user ID in the request headers:
Authorization: Bearer sk_live_your_api_key_here
X-User-ID: user_xxx

Example Request

curl -H "Authorization: Bearer sk_live_your_key" \
  -H "X-User-ID: user_xxx" \
  "https://api.staging.kathan.tech/protected"

Response

{
  "message": "Hello, user user_xxx!",
  "user_id": "user_xxx"
}

Rate Limits

  • Development: 100 requests/minute
  • Production: 1,000 requests/minute
  • Enterprise: Custom limits

Rate limit headers are included in responses:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 99
X-RateLimit-Reset: 1640995200

Error Responses

401 Unauthorized
{
  "detail": "Invalid authentication credentials"
}

429 Too Many Requests
{
  "detail": "Rate limit exceeded"
}
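
The following Python client is an added example, not code from the Kathan documentation. It sends both required headers, fails fast on 401, and waits out a 429 using X-RateLimit-Reset. It assumes that header is a Unix timestamp in seconds and that the limit window is one minute; the environment variable names are hypothetical.

```python
import json
import os
import time
import urllib.error
import urllib.request

BASE_URL = "https://api.staging.kathan.tech"  # staging host from the curl example


def build_headers(api_key, user_id):
    """Return the two required headers; reject values that could split a header."""
    for name, value in (("API key", api_key), ("user ID", user_id)):
        if not value or any(c in value for c in "\r\n"):
            raise ValueError(f"{name} is empty or contains a line break")
    return {"Authorization": f"Bearer {api_key}", "X-User-ID": user_id}


def retry_delay(status, headers, now):
    """Seconds to wait before retrying, or None if the request must not be retried.

    Assumption: X-RateLimit-Reset is a Unix timestamp in seconds.
    """
    if status != 429:
        return None  # 401 means bad credentials: retrying will not help
    try:
        reset = int(headers.get("X-RateLimit-Reset", ""))
    except ValueError:
        return 60.0  # header missing or malformed: wait one full window
    # Clamp so a stale or oversized reset value cannot stall the client.
    return float(min(max(reset - now, 1), 60))


def get_protected(api_key, user_id, path="/protected", attempts=3):
    """GET a protected endpoint, waiting out 429s and failing fast on 401."""
    req = urllib.request.Request(BASE_URL + path, headers=build_headers(api_key, user_id))
    for _ in range(attempts):
        try:
            with urllib.request.urlopen(req, timeout=10) as resp:
                return json.load(resp)
        except urllib.error.HTTPError as err:
            delay = retry_delay(err.code, err.headers, time.time())
            if delay is None:
                raise  # do not log req.headers here: it carries the API key
            time.sleep(delay)
    raise RuntimeError("rate limit still exceeded after retries")


if __name__ == "__main__":
    # Hypothetical variable names; keep the key out of source and shell history.
    print(get_protected(os.environ["KATHAN_API_KEY"], os.environ["KATHAN_USER_ID"]))
```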