Skip to main content
All SDK API endpoints require an API key for authentication. API keys are prefixed with trvh_sdk_ and can be passed in two ways:

Key format

The full API key is shown only once when created. Store it securely — it cannot be retrieved later.

Key lifecycle

  • Keys have an optional expiresAt date. Expired keys are rejected automatically.
  • Keys can be revoked at any time from the Tarvah Settings UI.
  • Each key is scoped to sdk:import permissions.
  • lastUsedAt is updated on every successful authentication.

Error responses