My App

Authentication

API keys, the Token scheme, and read/write scopes.

API keys

All requests authenticate with a project API key (lb-sk_…), created and managed in the console. Send it in the Authorization header using the Token scheme:

Authorization: Token lb-sk_your_key_here

The SDK reads it from the apiKey option (or LIBRA_API_KEY):

import { createMemoryClient } from "@libra-memory/sdk";

const memory = createMemoryClient({ apiKey: process.env.LIBRA_API_KEY });

Scopes

Keys carry scopes that gate access:

ScopeAllows
readReads — search, list, get, query, chat.
writeMutations — add, upsert, create, update, delete.

A 401 means the key is missing or invalid; a 403 means it lacks the required scope for that endpoint.

Keep keys secret

Never commit API keys or expose them in client-side code. Use environment variables and your platform's secret manager. Rotate or revoke keys anytime from the console.

Quickstart

Install the SDK and make your first Libra call.

Memory

Long-term memory — add, search, and manage memories for users and agents.

On this page

API keysScopesKeep keys secret