All API requests to Tempered require authentication via an API key.
API keys use the format prx_ followed by a unique token. They are created per-organisation and scoped to specific permissions.
| Scope | Permissions |
|---|---|
eval |
Submit evaluations, read results, manage knowledge documents |
admin |
Everything in eval plus organisation management, API key management, webhook configuration |
eval or admin)curl -X POST https://your-tempered-instance/api/v1/org/api-keys/ \
-H "Authorization: Bearer prx_your_admin_api_key" \
-H "Content-Type: application/json" \
-d '{"name": "CI Pipeline", "scope": "eval"}'
Response:
{
"id": "a1b2c3d4-...",
"name": "CI Pipeline",
"key_prefix": "prx_abc1",
"scope": "eval",
"raw_key": "prx_abc1...full_key_here..."
}
Include the key in the Authorization header as a Bearer token:
curl -H "Authorization: Bearer prx_your_api_key" \
https://your-tempered-instance/api/v1/evaluations/
import httpx
client = httpx.Client(
base_url="https://your-tempered-instance",
headers={"Authorization": "Bearer prx_your_api_key"},
)
# Submit an evaluation
response = client.post("/api/v1/evaluations/", json={
"description": "Deploy new monitoring stack to production",
})
evaluation_id = response.json()["id"]
If a key is compromised, revoke it immediately:
curl -X POST https://your-tempered-instance/api/v1/org/api-keys/{key_id}/revoke/ \
-H "Authorization: Bearer prx_your_admin_api_key"
eval for most integrations, admin only for management toolslast_used_at timestamp in the API Keys dashboardAPI requests are rate-limited per organisation:
When rate-limited, the API returns 429 Too Many Requests with a Retry-After header indicating when you can retry.
Your billing tier determines the number of evaluations per month. When you reach the limit:
429 Too Many RequestsGET /api/v1/billing/subscription/usage/