LEAPERone Docs

Authentication

Learn how to authenticate LEAPERone API requests with bearer tokens, manage API keys, and avoid common authorization errors.

LEAPERone uses separate credentials for model traffic and account control-plane operations.

Base URL

https://api.leaper.one

Model API Keys (sk-)

Use an API key for OpenAI-compatible model endpoints under /v1/*. Pass it in the Authorization header:

Bearer Token
curl https://api.leaper.one/v1/chat/completions \
  -H "Authorization: Bearer sk-your-api-key" \
  -H "Content-Type: application/json" \
  -d '{"model":"auto","messages":[{"role":"user","content":"Hello"}]}'

X-API-Key Header

Alternatively, use the X-API-Key header:

X-API-Key Header
curl https://api.leaper.one/v1/chat/completions \
  -H "X-API-Key: sk-your-api-key" \
  -H "Content-Type: application/json" \
  -d '{"model":"auto","messages":[{"role":"user","content":"Hello"}]}'

Control Tokens (lpc_)

CLI, EnvX, account automation, usage queries, tickets, and organization operations use scoped control tokens under /api/v1/*. Sign in through the Dashboard authorization UI:

npx @leaperone/cli auth login
npx @leaperone/cli auth status

Control tokens carry explicit scopes such as api_keys:read, credits:read, usage:read, or envx:write. Do not use a model API key as a permanent substitute for a control token.

Creating API Keys

You can create and manage keys in two ways:

Dashboard — go to Settings > API Keys and click Create Key.

CLI — list your existing keys from the terminal:

npx @leaperone/cli apikey list

API keys are shown only once at creation time. Store them securely.

Error Codes

CodeMeaning
401Invalid, expired, revoked, or missing credential.
403The control token does not include the required scope.
402Insufficient credits. Top up your balance to continue.

For full error response schemas, see the API Reference.