API Key
Using the BoreholeAI Python SDK requires an API key. This page explains how to get your key, set it up securely, and troubleshoot common issues.
Get Your API Key
Get your API key from the API Keys settings page:
- Log in to boreholeai.com.
- Navigate to Settings → API Keys.
- Click Create API Key and give it a descriptive name.
- Click the copy icon to copy your API key. It will only be shown once.
Your API key starts with bhai_. You can create multiple keys and revoke any key at any time from the same page.
Set Your API Key
There are several ways to provide your API key to the Python SDK.
Method 1: Pass the Key Directly
The simplest approach for quick testing. Pass the key as a string when initialising the client.
Python
from boreholeai import BoreholeAI
client = BoreholeAI(api_key="bhai_your_api_key_here")Warning: Do not hardcode your API key in source files that are committed to version control. Use one of the methods below instead.
Method 2: Store the Key in a .env File
Use a .env file to keep your API key out of source code. This is the recommended approach for most projects.
Install the python-dotenv package:
bash
pip install python-dotenvCreate a .env file in your project root:
.env
BOREHOLEAI_API_KEY=bhai_your_api_key_hereLoad the key in your Python script:
Python
import os
from dotenv import load_dotenv
from boreholeai import BoreholeAI
load_dotenv()
client = BoreholeAI(api_key=os.getenv("BOREHOLEAI_API_KEY"))Make sure to add .env to your .gitignore so the key is never committed to version control.
Method 3: Set an Environment Variable
Set the API key as a system environment variable. This is useful for production deployments, CI/CD pipelines, or Docker containers.
Linux / macOS
export BOREHOLEAI_API_KEY=bhai_your_api_key_hereWindows (PowerShell)
$env:BOREHOLEAI_API_KEY="bhai_your_api_key_here"Then read it in your script:
Python
import os
from boreholeai import BoreholeAI
client = BoreholeAI(api_key=os.environ["BOREHOLEAI_API_KEY"])To make the variable persistent on Linux/macOS, add the export line to your shell configuration file (.zshrc or .bashrc) and run source ~/.zshrc to apply the changes.
Security Best Practices
- Never commit API keys to version control. If using a
.envfile, add it to.gitignore. - Don’t share your API key. Each key is scoped to your account. Anyone with your key can process documents and use your credits.
- Revoke compromised keys immediately. If you suspect a key has been exposed, revoke it from Settings → API Keys and create a new one. The old key is invalidated instantly.
- Use separate keys for development and production. This limits the blast radius if a development key is accidentally leaked.
Revoking API Keys
To revoke an API key:
- Go to Settings → API Keys.
- Find the key you want to revoke.
- Click the delete button and confirm.
Revoked keys are immediately invalidated. Any API requests using a revoked key will receive a 401 Unauthorized response. You can create a new key at any time.
Troubleshooting
AuthenticationError: Invalid API key
- Verify the key was copied correctly — it should start with
bhai_. - Check that the key has not been revoked from the dashboard.
- Ensure there are no extra spaces or newline characters in the key string.
.env file not loading
- Check file location: The
.envfile should be in the same directory where you run your script, or in the project root. - Check format: No spaces around the equals sign.
BOREHOLEAI_API_KEY=bhai_xxxis correct,BOREHOLEAI_API_KEY = bhai_xxxis not. - Check import: Make sure you call
load_dotenv()before reading the variable.
InsufficientCreditsError
Your account does not have enough credits to process the submitted pages. Purchase credits from Settings → Plan & Billing, set up auto-recharge to avoid running out, or contact us.
RateLimitError
You have sent too many requests in a short period. Wait a few seconds and retry. For most use cases, rate limits are generous. If you need higher limits for production workloads, contact support@boreholeai.com.