The simplest way to authenticate with Hober is an API key. Create one in the dashboard, then pass it as a Bearer token in every request. This is the same pattern used by OpenAI, Anthropic, and most AI providers — if you've used any of them, this will feel familiar.

Passing Your Key

Include your API key in the Authorization header of every request. If you're using the OpenAI SDK, set it as the apiKey parameter — the SDK handles the header for you.

Authorization: Bearer hb_live_your_key_here

Key Types

Hober issues two types of API keys. Both work identically — the prefix is a naming convention to help you separate production and development usage in your code.

Other Auth Methods

API keys are not the only way to authenticate. Hober supports several methods depending on your use case:

• Wallet auth (SIWX) — sign in with a Solana or Base wallet. Creates a JWT session that lasts 24 hours. Best for web apps where users connect their wallet. See Wallet Auth.
• x402 (no auth needed) — pay per request with USDC on Base. No API key, no account, no session — just a wallet. Best for autonomous agents and on-chain applications. See x402 Payments.
• Inference passes — purchase a pass for N requests valid for 30 days. Tied to a wallet address. Best for prepaid agent access without per-request payment.

Security Best Practices

Treat your API key like a password. Never expose it in client-side code, public repositories, or browser JavaScript. If you need to call Hober from a frontend, proxy the request through your backend server. If a key is compromised, revoke it immediately in the dashboard and create a new one.