Authentication
Every Dial request is authenticated with an API key — a string that begins with sk_live_. Send it as a Bearer token:
Requests without a valid key get 401 Unauthorized.
Get an API key
Create an account and key with the CLI:
onboard returns your key once and saves it locally, so subsequent dial commands are already authenticated. (Under the hood this calls POST /v1/auth/signup then POST /v1/auth/verify, which returns apiKey a single time — store it if you call the API directly.)
Use your key
- CLI — handled automatically after
dial onboard. - SDKs — pass the key when you construct the client:
Treat your API key like a password. It grants full access to your account — send messages, place calls, and read history. Never commit it; prefer an environment variable.
Base URL
All requests go to:
The CLI and SDKs target this by default. To point a tool at a different deployment, set the DIAL_API_URL environment variable (CLI) or pass baseUrl / base_url when constructing an SDK client.
Older SDK or CLI versions default to https://getdial.ai instead. Both URLs serve the same API — your existing code keeps working. Upgrade when convenient (npm update @getdial/sdk / pip install --upgrade dial-sdk / npm i -g @getdial/cli@latest) to pick up the new default.
Review your keys
GET /v1/account returns your account and a preview of each key (never the full value). See Core concepts for the object model.