Gilito AIDocs

Authentication

All API requests require an API key. This guide walks you through obtaining and using your key.

Step 1: Create an Account

Sign up at tio.gilito.ai and complete the onboarding process.

Step 2: Generate an API Key

Navigate to Settings → API Keys in your dashboard. Only account administrators can create API keys.

  • Click “Create API Key” and give it a descriptive name.
  • Copy the key immediately — it will only be shown once. Keys are prefixed with gil_.
  • Store the key securely. Never expose it in client-side code or public repositories.

Step 3: Authenticate Requests

Include your API key in the Authorization header as a Bearer token:

Authenticated request
curl "https://api.gilito.ai/api/v1/market-data/assets" \
  -H "Authorization: Bearer gil_your_api_key_here"

API Key Best Practices

Use environment variables. Store your API key in an environment variable (e.g., GILITO_API_KEY) rather than hardcoding it.
Rotate keys regularly. Delete old keys and create new ones periodically from your dashboard.
Use separate keys per environment. Create different keys for development, staging, and production.
Never expose keys client-side. API calls should be made from your backend. Never include keys in frontend JavaScript, mobile apps, or public repositories.

Example: First Request

Verify your setup by fetching the list of available assets:

First request examples
# Using curl
curl "https://api.gilito.ai/api/v1/market-data/assets" \
  -H "Authorization: Bearer $GILITO_API_KEY"

# Using JavaScript (Node.js)
const response = await fetch("https://api.gilito.ai/api/v1/market-data/assets", {
  headers: { "Authorization": `Bearer ${process.env.GILITO_API_KEY}` },
});
const { data } = await response.json();
console.log(data);

# Using Python
import requests

response = requests.get(
    "https://api.gilito.ai/api/v1/market-data/assets",
    headers={"Authorization": f"Bearer {os.environ['GILITO_API_KEY']}"},
)
print(response.json()["data"])
Missing or invalid API key? You'll receive a 401 Unauthorized error. Double-check that your key is correct and included in the Authorization header.
Next: Rate Limits →