Authentication

All API requests require a Bearer token. The SDKs read your key from the TZAFON_API_KEY environment variable by default.

Get your API key

1. Sign up at lightcone.ai
2. Go to the developer dashboard
3. Copy your API key (starts with sk_)

Set the environment variable

export TZAFON_API_KEY=sk_your_api_key_here

The SDK will pick this up automatically:

from tzafon import Lightcone

client = Lightcone()  # reads TZAFON_API_KEY from environment

import Lightcone from "@tzafon/lightcone";

const client = new Lightcone();  // reads TZAFON_API_KEY from environment

Pass the key explicitly

If you prefer not to use environment variables:

client = Lightcone(api_key="sk_your_api_key_here")

const client = new Lightcone({ apiKey: "sk_your_api_key_here" });

Base URL

The SDK defaults to https://api.tzafon.ai. Override it for custom deployments:

client = Lightcone(base_url="https://your-deployment.example.com")

const client = new Lightcone({ baseURL: "https://your-deployment.example.com" });

You can also set the LIGHTCONE_BASE_URL environment variable.

Configure timeouts and retries

client = Lightcone(
    timeout=30.0,      # seconds
    max_retries=3,
)

const client = new Lightcone({
  timeout: 30000,     // milliseconds
  maxRetries: 3,
});

Both SDKs retry automatically on connection errors and 5xx responses (default: 2 retries).

Using raw curl

If you’re not using an SDK, pass the key as a Bearer token:

curl https://api.tzafon.ai/computers \
  -H "Authorization: Bearer $TZAFON_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"kind": "browser"}'

Rate limits

• 10 failed authentication attempts in 10 minutes will block your IP
• Concurrent session limits depend on your plan tier
• If rate limited, you’ll receive a 429 response with retry guidance

Never commit your API key to source control. Use environment variables or a secrets manager.

See also

• Quickstart — use your API key to create your first browser session
• Troubleshooting — fix authentication errors and rate limits