Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.harmstack.ai/llms.txt

Use this file to discover all available pages before exploring further.

All API endpoints except GET /v0/health require authentication. Harmstack uses API key authentication via the standard HTTP Authorization header.

Get your API key

Contact Vetted Medical or your account team to obtain an API key. Store it securely — you will not be able to retrieve the key value after it is issued.

Authenticate a request

Include your API key as a bearer token in the Authorization header of every request: 
Authorization: Bearer YOUR_API_KEY

Examples

curl https://api.harmstack.com/v0/me \
  -H "Authorization: Bearer YOUR_API_KEY"

Error responses

If authentication fails, the API returns 401 Unauthorized: 
{"error": "unauthorized"}
Common causes:
  • The Authorization header is missing entirely
  • The header value does not start with Bearer
  • The API key is invalid or has been revoked

Using the CLI

The harmstack CLI reads your API key from the HARMSTACK_API_KEY environment variable. You can also pass it explicitly with the --harmstack-api-key flag on any command.

Security

Store your API key in an environment variable (HARMSTACK_API_KEY) and read it at runtime. Never hardcode your API key directly in source code or commit it to version control.