Browse docs

Getting Started
Tap to expand
StartUpdated 2026-05-25

Auth and Caller Model

How RetainDB authenticates API requests and scopes memory calls.

RetainDB API calls use server-side API keys.

http
Authorization: Bearer rdb_...

You can also send:

http
X-API-Key: rdb_...

Keep keys server-side

Do not put RetainDB API keys in browser JavaScript. Call RetainDB from your server, API route, worker, job, or agent runtime.

Attach caller scope yourself

RetainDB does not guess your product's user model. Your application should authenticate the caller, then attach stable scope fields:

  • project
  • user_id
  • session_id
  • agent_id
  • task_id
bash
RETAINDB_API_KEY="rdb_..."
RETAINDB_PROJECT="production"

The SDK also accepts RETAINDB_KEY for compatibility, but new docs use RETAINDB_API_KEY.

Next: Scopes.

Was this page useful?

Your feedback helps us make the product easier to ship with.