Authentication
Every request uses your own PopGo API key.
Get a key
Sign in and create or select a Key on the keys page. Use it only in a local client or server environment you trust. Open the API keys page.
Send credentials
OpenAI compatible and Gemini requests commonly use Bearer authentication; the Claude protocol uses x-api-key.
Authorization: Bearer YOUR_API_KEY
x-api-key: YOUR_API_KEY
x-goog-api-key: YOUR_API_KEY
Protect the key
- Never place a key in public code, screenshots, or issue reports.
- Use a separate Key for each device or application so it can be disabled independently.
- If authentication fails, copy the Key again instead of passing it through a browser address.
Verify authentication
Run the quickstart request first. A normal JSON response confirms authentication; for a 401, inspect the header, Key status, and surrounding whitespace.