Request & Response Headers
Request & Response Headers
Authentication
| Header | Format | Description |
|---|---|---|
Authorization | Bearer ck-xxxxx | Recommended for OpenAI SDKs and most HTTP clients |
x-api-key | ck-xxxxx | Compatible with Anthropic-style clients |
If both headers are present, Authorization takes precedence.
Request Headers
| Header | Description |
|---|---|
Content-Type: application/json | JSON POST requests |
Content-Type: multipart/form-data | File upload requests such as audio transcription |
anthropic-version | Relevant only to Anthropic-compatible paths |
anthropic-beta | Relevant only to Anthropic-compatible paths |
X-Request-Id | Optional client request ID |
Response Headers
| Header | Description |
|---|---|
X-Request-Id | Request trace ID; include it when contacting support |
X-RateLimit-Limit | Current requests-per-minute limit when available |
X-RateLimit-Remaining | Remaining requests in the current window when available |
Content-Type | JSON or SSE stream |
Routing, region, and failover details are admin diagnostics and are not part of the stable public API header contract.
CORS
Browser requests are allowed only from trusted Chuizi.AI site origins. Server-to-server calls, SDKs, and curl usually do not include an Origin header and are not affected by browser CORS.
Never expose API keys in frontend browser code. Proxy browser features through your backend.