
Authentication

Create and manage API keys for the Commissioned API.

API keys

All API requests require a Bearer token. You create and manage API keys from your profile in the Commissioned app.

Creating a key

  1. Go to app.commissioned.tech and sign in
  2. Click your avatar → Profile
  3. Scroll to the API Keys section
  4. Click Create API key
  5. Copy the key immediately; it's only shown once

API keys are shown once at creation. If you lose a key, revoke it and create a new one. Commissioned stores only the key prefix for identification.

Using a key

Include your API key in the Authorization header as a Bearer token:

Python:

from openai import OpenAI

client = OpenAI(
    base_url="https://app.commissioned.tech/v1",
    api_key="your-api-key",  # or use OPENAI_API_KEY env var
)

JavaScript:

import OpenAI from "openai";

const client = new OpenAI({
  baseURL: "https://app.commissioned.tech/v1",
  apiKey: "your-api-key",  // or use OPENAI_API_KEY env var
});

curl:

curl https://app.commissioned.tech/v1/models \
  -H "Authorization: Bearer your-api-key"

Revoking a key

  1. Go to Profile → API Keys
  2. Find the key by its prefix
  3. Click Revoke

The key is immediately invalidated. Any in-flight requests may still complete, but new requests will return 401 Unauthorized.

Security best practices

| Practice | Why |
| --- | --- |
| Never commit keys to git | Keys in version control are the #1 cause of leaks |
| Use environment variables | Store keys in .env files or your platform's secret manager |
| Create separate keys per environment | Different keys for dev, staging, and production |
| Rotate keys periodically | Revoke old keys and create new ones on a regular cadence |
| Use the minimum scope needed | One key per application or service |

Using environment variables

# .env
COMMISSIONED_API_KEY=your-api-key

Both snippets read the variable from the process environment, so load the .env file with your tooling or export the variable before running them.

Python:

import os
from openai import OpenAI

client = OpenAI(
    base_url="https://app.commissioned.tech/v1",
    api_key=os.environ["COMMISSIONED_API_KEY"],
)

JavaScript:

import OpenAI from "openai";

const client = new OpenAI({
  baseURL: "https://app.commissioned.tech/v1",
  apiKey: process.env.COMMISSIONED_API_KEY,
});
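
A pre-commit style check for the "never commit keys to git" practice, as an added example that is not part of the Commissioned documentation: it flags keys hard-coded in the three places this page passes one (SDK argument, .env line, curl header) and ignores environment lookups. The sample files, the ck_demo_ key values and the four-character redaction are constructed for illustration; the page does not document the real key format.

```python
import re

# Context patterns for the three ways this page passes a key. The page does not
# document the key format, so nothing here depends on what a key looks like.
PATTERNS = [
    ("sdk-literal", re.compile(r"""\bapi_?key\s*[=:]\s*["']([^"']+)["']""", re.I)),
    ("env-assignment", re.compile(r"""^\s*(?:export\s+)?COMMISSIONED_API_KEY\s*=\s*["']?([^\s"'#]+)""")),
    ("bearer-header", re.compile(r"""Authorization:\s*Bearer\s+([^\s"'\\]+)""", re.I)),
]
PLACEHOLDERS = {"your-api-key"}  # the page's own placeholder value


def scan(path, text):
    """Return (path, line_no, kind, redacted_value) for each hard-coded key."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS:
            match = pattern.search(line)
            if not match:
                continue
            value = match.group(1)
            # Variable references and placeholders are not secrets.
            if value.startswith("$") or value in PLACEHOLDERS:
                continue
            # Never echo the full value into CI logs (4-char prefix is an assumption).
            findings.append((path, line_no, kind, value[:4] + "***"))
    return findings


# Constructed sample files; the key values are made up for this example.
STAGED = {
    "app.py": 'client = OpenAI(\n    api_key="ck_demo_1234567890",\n)\n',
    "ok.py": 'client = OpenAI(\n    api_key=os.environ["COMMISSIONED_API_KEY"],\n)\n',
    "client.js": 'const client = new OpenAI({\n  apiKey: "ck_demo_abcdef",\n});\n',
    "ok.js": "const c = new OpenAI({ apiKey: process.env.COMMISSIONED_API_KEY });\n",
    ".env": "# .env\nCOMMISSIONED_API_KEY=ck_demo_envvalue\n",
    "smoke.sh": 'curl -H "Authorization: Bearer $COMMISSIONED_API_KEY" https://app.commissioned.tech/v1/models\n',
    "docs.md": 'curl -H "Authorization: Bearer your-api-key"\n',
}


def scan_all(files):
    return [f for path, text in files.items() for f in scan(path, text)]


if __name__ == "__main__":
    for finding in scan_all(STAGED):
        print("%s:%d: %s (%s)" % finding)
```

A non-empty result from scan_all should fail the commit; a key that has already reached a remote should be revoked and replaced as described under "Revoking a key".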

Error responses

| Status | Meaning |
| --- | --- |
| 401 Unauthorized | Missing or invalid API key |
| 403 Forbidden | Key is valid but doesn't have access to the requested resource |
| 429 Too Many Requests | Rate limit exceeded; see Rate Limits |
