Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.cogito.decart.ai/llms.txt

Use this file to discover all available pages before exploring further.

Cogito authenticates with bearer tokens — the same shape OpenAI uses, so any OpenAI-compatible SDK works without modification. 
Authorization: Bearer cog-live-...

Creating keys

  1. Sign in at cogito.decart.ai.
  2. Open Dashboard → API keys.
  3. Click Create, name the key (we recommend naming it after the environment — production-api, local-dev), and copy the secret immediately. The full secret is shown once.

Best practices

  • One key per environment. Local dev, staging, and production should each have their own key.
  • Rotate on schedule. We surface last_used_at on every key — keys that haven’t been used in 30 days are good rotation candidates.
  • Revoke instantly. Compromised keys can be revoked from the dashboard; revocation propagates within seconds.
  • Don’t commit keys. Use environment variables (COGITO_API_KEY) or your platform’s secret manager.

Scopes

For MVP, every key has full account scope. Per-key scoping (read-only, model-specific, monthly budget) ships in the next release.

Errors

A request without a valid key returns: 
{
  "error": {
    "type": "invalid_request_error",
    "code": "invalid_api_key",
    "message": "The API key provided is missing or revoked.",
    "request_id": "req_..."
  }
}
Always log the request_id — we trace it through every layer of the gateway and inference cluster, so support can find your request immediately.