Authentication PureRouter is a completely independent product from PureCPP. You can use PureRouter without needing PureCPP and vice versa.
PureRouter uses API keys to authenticate requests. This guide explains how to obtain, manage, and use your API keys securely.
Getting Your API Key To use PureRouter, you need a valid API key:
Sign up for the PureAI platform : Visit pureai.com and create your accountGet your PureRouter API key : In the API Keys section, generate a specific key for PureRouter
Your API keys grant access to platform resources. Treat them like passwords and never share them publicly or include them in code repositories.
Configuring the SDK There are several ways to configure the PureRouter Python SDK with your API key:
1. Direct Initialization from purerouter import PureRouter # Simplest method: pass the key directly client = PureRouter( router_key = "your-api-key-here" ) 2. Environment Variables A safer practice is to use environment variables:
import os from purerouter import PureRouter # Set the PUREROUTER_API_KEY environment variable # In terminal: export PUREROUTER_API_KEY="your-api-key-here" # The SDK will automatically fetch the key from the environment variable client = PureRouter() 3. Configuration File You can also use a configuration file:
from purerouter import PureRouter # Create a .env or config.json file with your credentials # The SDK can be configured to load from this file client = PureRouter.from_config( "path/to/config.json" ) Key Rotation For enhanced security, it’s recommended to rotate your keys periodically:
Generate a new key on the PureAI platform
Gradually update your applications to use the new key
After confirming all systems are working with the new key, revoke the old one
Security Best Practices
Never Expose Keys in Source Code
Never include API keys directly in source code, especially in public repositories. Use environment variables or secret management systems.
When possible, create keys with limited permissions for each specific application or service.
Regularly check API usage logs to detect suspicious activities or unauthorized usage.
Configure rate limits in your application to prevent accidental or malicious excessive API usage.
Authentication Error Handling When authentication problems occur, the SDK returns specific errors:
from purerouter import PureRouter from purerouter.exceptions import AuthenticationError try : client = PureRouter( router_key = "invalid-key" ) response = client.router.infer( ... ) except AuthenticationError as e: print ( f "Authentication error: { e } " ) # Implement retry logic or notification Complete Example with Secure Authentication import os from dotenv import load_dotenv from purerouter import PureRouter from purerouter.types import InferRequest from purerouter.exceptions import AuthenticationError, RateLimitError # Load environment variables from a .env file load_dotenv() def get_purerouter_client (): # Try to get the key from environment variable api_key = os.getenv( "PUREROUTER_API_KEY" ) if not api_key: raise ValueError ( "PUREROUTER_API_KEY not found in environment variables" ) return PureRouter( router_key = api_key) def process_query_safely ( query , max_retries = 3 ): retry_count = 0 while retry_count < max_retries: try : client = get_purerouter_client() response = client.router.infer(InferRequest( prompt = query, profile = "balanced" )) return response except AuthenticationError as e: print ( f "Authentication error: { e } " ) # Here you could implement logic to renew the key # or notify administrators raise except RateLimitError as e: retry_count += 1 wait_time = 2 ** retry_count # Exponential backoff print ( f "Rate limit reached. Retrying in { wait_time } seconds..." ) time.sleep(wait_time) except Exception as e: print ( f "Unexpected error: { e } " ) raise raise Exception ( f "Failed after { max_retries } attempts" ) Next Steps 
