Where to get a key
Create and manage your API keys at platform.usecroma.com. Sign in, open your organization, and generate a key from the API keys section. The full key is shown only once at creation, so copy it somewhere safe before leaving the page.Create an API key
Open the Croma platform to mint and manage your organization’s keys.
Bearer scheme
Send your key in theAuthorization header using the Bearer scheme:
Organization-scoped keys only
Croma keys are minted for an organization, not an individual user. The API rejects personal keys with401:
Key format
Keys are issued branded ascroma_<env>_…. For example, croma_live_… in
production and croma_test_… elsewhere. The environment prefix tells you at a
glance which deployment a key targets; never use a test key against
production data or vice versa.
Failed authentication
Every authentication failure returns a401 with an authentication_error
envelope. The code field tells you what went wrong:
Next: Rate limits
How quotas are bucketed and surfaced in every response.