Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tarvah.com/llms.txt

Use this file to discover all available pages before exploring further.

All SDK API endpoints require an API key for authentication. API keys are prefixed with trvh_sdk_ and can be passed in two ways: 
curl -X POST https://<your-instance>/v1/sdk/import \
  -H "Authorization: Bearer trvh_sdk_abc123..." \
  -H "Content-Type: application/json" \
  -d '{ ... }'

Key format

PropertyValue
Prefixtrvh_sdk_
Length73 characters total (prefix + 64 hex chars)
Hash algorithmSHA-256 (only the hash is stored server-side)
The full API key is shown only once when created. Store it securely — it cannot be retrieved later.

Key lifecycle

  • Keys have an optional expiresAt date. Expired keys are rejected automatically.
  • Keys can be revoked at any time from the Tarvah Settings UI.
  • Each key is scoped to sdk:import permissions.
  • lastUsedAt is updated on every successful authentication.

Error responses

StatusBodyMeaning
401{"error": "API key required"}No key provided in headers
401{"error": "Invalid API key"}Key not found or revoked
401{"error": "API key expired"}Key past its expiresAt date