Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.maximem.ai/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Synap uses API keys for all SDK authentication. One key, one environment variable — that’s all you need. 
export SYNAP_API_KEY=synap_your_key_here
Every SDK request (REST and gRPC) sends the API key as a Bearer token. Synap Cloud verifies it on every request.

Getting your API key

  1. Log in to the Synap Dashboard
  2. Navigate to your instance
  3. Click API Keys in the instance detail page
  4. Click Generate API Key, give it a label, and copy the key
The key is displayed only once. Copy it immediately. If you lose it, revoke it and generate a new one.
API keys start with synap_ and look like this: 
synap_Bx7Kp2mN9vQ4rT6wY8zA1cE3fG5hJ7kLm0pR2sT4uV6wX8yZ0aB1cD3eF5g

Using the API key

Set SYNAP_API_KEY: 
export SYNAP_API_KEY=synap_your_key_here
The SDK reads these automatically: 
from maximem_synap import MaximemSynapSDK

sdk = MaximemSynapSDK()
await sdk.initialize()
This is the recommended approach for all environments: local development, CI/CD, Docker, Kubernetes, Vercel, AWS Lambda.

Option 2: Constructor parameter

Pass the key directly: 
sdk = MaximemSynapSDK(
    api_key="synap_your_key_here"
)
await sdk.initialize()

Priority order

When initialize() is called, the SDK resolves credentials in this order:
  1. api_key parameter passed to the constructor
  2. SYNAP_API_KEY environment variable
The first one that succeeds wins. If neither is available, initialize() raises an AuthenticationError.

Multiple keys per instance

You can generate multiple API keys for the same instance. Each key has a label and can be revoked independently. Common patterns:
LabelUsage
productionYour production servers
stagingStaging/preview environment
ciCI/CD pipeline
dev-aliceDeveloper’s local machine
dev-bobAnother developer
Revoke any key without affecting the others.

REST API authentication

If you’re calling the Synap API directly (without the SDK), add the API key as a Bearer token: 
curl -X POST https://synap-cloud-prod.maximem.ai/v1/context/user/fetch \
  -H "Authorization: Bearer synap_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"user_id": "user_123", "search_query": ["preferences"]}'

JavaScript SDK

Same pattern — set the environment variable or pass directly: 
const { createClient } = require('@maximem/synap-js-sdk');

// From environment (reads SYNAP_API_KEY automatically)
const client = createClient();
await client.init();

// Or pass directly
const client = createClient({
  instanceId: 'inst_a1b2c3d4e5f67890',
  apiKey: 'synap_your_key_here',
});
await client.init();

Security best practices

Use .env files (added to .gitignore) or your platform’s secrets manager. GitHub’s secret scanning will flag leaked synap_ keys automatically.
Generate a different key for development, staging, CI, and production. If one leaks, revoke only that key — the others continue working.
Generate a new key, update your environment, verify it works, then revoke the old one. There’s no expiry deadline — rotate on your own schedule.
API keys work everywhere — Vercel, AWS Lambda, Cloudflare Workers, Docker, Kubernetes. Set SYNAP_API_KEY in your platform’s environment configuration and you’re done. No file I/O, no extra setup step.

Troubleshooting

ErrorCauseFix
AuthenticationError: No API key providedSDK can’t find credentials anywhereSet SYNAP_API_KEY env var or pass api_key= to constructor
AuthenticationError: Invalid credentialsKey is wrong, revoked, or malformedCheck the key in your dashboard — is it active?
401 Unauthorized on API callsSame as above, for direct REST callsVerify the Authorization: Bearer header value