Authentication

View as Markdown

Every Dial request is authenticated with an API key — a string that begins with sk_live_. Send it as a Bearer token:

$curl https://api.getdial.ai/v1/numbers \
> -H "Authorization: Bearer sk_live_..."

Requests without a valid key get 401 Unauthorized.

Get an API key

Create an account and key with the CLI:

$dial signup you@example.com
$dial onboard --code 123456

onboard returns your key once and saves it locally, so subsequent dial commands are already authenticated. (Under the hood this calls POST /v1/auth/signup then POST /v1/auth/verify, which returns apiKey a single time — store it if you call the API directly.)

Use your key

  • CLI — handled automatically after dial onboard.
  • SDKs — pass the key when you construct the client:
1import { DialClient } from "@getdial/sdk";
2const dial = new DialClient({ apiKey: process.env.DIAL_API_KEY! });

Treat your API key like a password. It grants full access to your account — send messages, place calls, and read history. Never commit it; prefer an environment variable.

Base URL

All requests go to:

https://api.getdial.ai

The CLI and SDKs target this by default. To point a tool at a different deployment, set the DIAL_API_URL environment variable (CLI) or pass baseUrl / base_url when constructing an SDK client.

Older SDK or CLI versions default to https://getdial.ai instead. Both URLs serve the same API — your existing code keeps working. Upgrade when convenient (npm update @getdial/sdk / pip install --upgrade dial-sdk / npm i -g @getdial/cli@latest) to pick up the new default.

Review your keys

GET /v1/account returns your account and a preview of each key (never the full value). See Core concepts for the object model.