Skip to main content

Authentication

All API requests require a bearer token in the Authorization header. 
Authorization: Bearer zt_live_your_key_here

API Key Types

PrefixEnvironmentCostLLM CallsUse For
zt_live_ProductionReal creditsReal agentsLive integrations
zt_test_SandboxFree (0 credits)Deterministic canned responsesDevelopment, testing, CI
Never share API keys in conversation, chat logs, or client-side code. Always use environment variables or a secrets manager.

Getting a Key

  1. Sign up at developers.zebratruth.ai
  2. Navigate to Dashboard → API Keys
  3. Click Create Key and choose a name and environment (live or test)
  4. Copy the key immediately — it is shown only once

Validating Your Key

curl https://api.zebratruth.ai/v1/whoami \
  -H "Authorization: Bearer $ZEBRATRUTH_API_KEY"
200 — Valid Key
{
  "tenantId": "tenant_abc",
  "tier": "starter",
  "creditsRemaining": 1420,
  "creditsTotal": 1665,
  "rateLimitPerMinute": 60
}
401 — Invalid Key
{
  "error": "Invalid API key"
}

Test Mode

Test keys (zt_test_...) return deterministic sandbox responses:
  • No cost engine — no credits deducted
  • No real LLM calls — responses are pre-built canned scenarios
  • Deterministic — same input always produces the same output
  • Responses include _meta.mode: "test" so you can detect sandbox mode
Test Mode Response
{
  "score": 55,
  "decision": "HOLD",
  "checks": [...],
  "_meta": {
    "mode": "test",
    "sandbox": true,
    "creditsCharged": 0,
    "estimatedProductionCost": 47,
    "scenarioId": "claim-violation"
  }
}

Idempotency

All mutating endpoints (POST, DELETE) require an Idempotency-Key header: 
Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000
  • Generate a new UUID for each distinct request
  • Reuse the same key to safely retry a failed request
  • Prevents duplicate execution and double-charging
  • Keys expire after 24 hours

Rate Limits

TierRequests/minConcurrent Load Units
Free102
Starter608
Pro30025
EnterpriseCustomCustom
When rate-limited, the API returns 429 with a Retry-After header indicating seconds to wait.