Authentication
Every request requires a valid API key passed in the constructor. The SDK sends it as an Authorization: Bearer header automatically.
API Key Format
Key Format: Must start with sk_ prefix.
The SDK validates the API key format client-side before making any requests. An AuthenticationError is thrown immediately if:
- The API key is missing or empty
- The API key is not a string
- The API key does not start with
sk_
// Validconst sdk = new SonarSDK({ apiKey: 'sk_live_abc123', instanceName: 'demo' });
// Invalid — throws AuthenticationError immediatelyconst sdk = new SonarSDK({ apiKey: 'invalid_key', instanceName: 'demo' });// Error: API key must start with "sk_"Request Headers
Every request sent by the SDK includes:
| Header | Value | Description |
|---|---|---|
Authorization | Bearer sk_... | API key authentication |
Content-Type | application/json | Default content type |
| Custom headers | From config.headers | User-provided additional headers |