Every request to the Partner API requires an API key passed as a query parameter.
Passing your API key
Add apiKey as a query parameter on every request:
GET /analysis?apiKey=YOUR_API_KEY
POST /analysis/start?apiKey=YOUR_API_KEY
GET /subjects?apiKey=YOUR_API_KEY
Do not expose your API key in client-side code. Always call the Ochy API from
your backend server.
Getting an API key
Contact sales through the Ochy website or from your account to request a partner account.
Once your organization is set up, generate an API key from the
web dashboard.
Error responses
If authentication fails, the API returns one of these responses:
Missing API key — 401
Returned when the apiKey query parameter is absent.
{
"detail": "API Key is missing"
}
Invalid API key — 403
Returned when the key does not match any active partner account.
{
"detail": "Invalid API Key"
}
Credits
Each analysis consumes one credit from your account balance. The credit is deducted
when the analysis starts, not when results are retrieved.
Insufficient credits — 402
Returned when your account has no remaining credits.
{
"detail": "Insufficient credits to perform analysis",
"code": "insufficient_credits"
}
Security best practices
- Store your API key in environment variables or a secrets manager — never hard-code it.
- Rotate your key periodically from the web dashboard.
- Monitor your credit usage to avoid unexpected exhaustion.