Overview
OAuth authentication endpointsAvailable Operations
- exchange_auth_code_for_api_key - Exchange authorization code for API key
- create_auth_code - Create authorization code
exchange_auth_code_for_api_key
Exchange an authorization code from the PKCE flow for a user-controlled API keyExample Usage
Parameters
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
code | str | :heavy_check_mark: | The authorization code received from the OAuth redirect | auth_code_abc123def456 |
http_referer | Optional[str] | :heavy_minus_sign: | The app identifier should be your app’s URL and is used as the primary identifier for rankings. This is used to track API usage per application. | |
x_open_router_title | Optional[str] | :heavy_minus_sign: | The app display name allows you to customize how your app appears in OpenRouter’s dashboard. | |
x_open_router_categories | Optional[str] | :heavy_minus_sign: | Comma-separated list of app categories (e.g. “cli-agent,cloud-agent”). Used for marketplace rankings. | |
code_challenge_method | OptionalNullable[operations.ExchangeAuthCodeForAPIKeyCodeChallengeMethod] | :heavy_minus_sign: | The method used to generate the code challenge | S256 |
code_verifier | Optional[str] | :heavy_minus_sign: | The code verifier if code_challenge was used in the authorization request | dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk |
retries | Optional[utils.RetryConfig] | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. |
Response
operations.ExchangeAuthCodeForAPIKeyResponseErrors
| Error Type | Status Code | Content Type |
|---|---|---|
| errors.BadRequestResponseError | 400 | application/json |
| errors.ForbiddenResponseError | 403 | application/json |
| errors.InternalServerResponseError | 500 | application/json |
| errors.OpenRouterDefaultError | 4XX, 5XX | */* |
create_auth_code
Create an authorization code for the PKCE flow to generate a user-controlled API keyExample Usage
Parameters
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
callback_url | str | :heavy_check_mark: | The callback URL to redirect to after authorization. Supports https URLs and localhost/127.0.0.1 URLs on any port for local CLI tools. | https://myapp.com/auth/callback |
http_referer | Optional[str] | :heavy_minus_sign: | The app identifier should be your app’s URL and is used as the primary identifier for rankings. This is used to track API usage per application. | |
x_open_router_title | Optional[str] | :heavy_minus_sign: | The app display name allows you to customize how your app appears in OpenRouter’s dashboard. | |
x_open_router_categories | Optional[str] | :heavy_minus_sign: | Comma-separated list of app categories (e.g. “cli-agent,cloud-agent”). Used for marketplace rankings. | |
code_challenge | Optional[str] | :heavy_minus_sign: | PKCE code challenge for enhanced security | E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM |
code_challenge_method | Optional[operations.CreateAuthKeysCodeCodeChallengeMethod] | :heavy_minus_sign: | The method used to generate the code challenge | S256 |
expires_at | date | :heavy_minus_sign: | Optional expiration time for the API key to be created | 2027-12-31T23:59:59Z |
key_label | Optional[str] | :heavy_minus_sign: | Optional custom label for the API key. Defaults to the app name if not provided. | My Custom Key |
limit | Optional[float] | :heavy_minus_sign: | Credit limit for the API key to be created | 100 |
usage_limit_type | Optional[operations.UsageLimitType] | :heavy_minus_sign: | Optional credit limit reset interval. When set, the credit limit resets on this interval. | monthly |
workspace_id | Optional[str] | :heavy_minus_sign: | Optional workspace ID to associate the API key with | |
retries | Optional[utils.RetryConfig] | :heavy_minus_sign: | Configuration to override the default retry behavior of the client. |
Response
operations.CreateAuthKeysCodeResponseErrors
| Error Type | Status Code | Content Type |
|---|---|---|
| errors.BadRequestResponseError | 400 | application/json |
| errors.UnauthorizedResponseError | 401 | application/json |
| errors.ForbiddenResponseError | 403 | application/json |
| errors.ConflictResponseError | 409 | application/json |
| errors.InternalServerResponseError | 500 | application/json |
| errors.OpenRouterDefaultError | 4XX, 5XX | */* |