Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.responsibleailabs.ai/llms.txt

Use this file to discover all available pages before exploring further.

All RAIL API requests are authenticated with API keys. Keys are tied to your account, carry your credit balance, and appear in your usage logs.

Getting an API key

1

Sign up

Create a free account at responsibleailabs.ai.
2

Open your dashboard

Go to your Dashboard and navigate to the API Keys section.
3

Generate a key

Click Generate Key. Keys start with rail_ and are shown exactly once. Copy yours immediately.
Your key will not be shown again after you close the dialog. Store it securely before leaving the page.

Using the API key

Pass your key as a Bearer token in the Authorization header on every request: 
Authorization: Bearer YOUR_RAIL_API_KEY
Full cURL example: 
curl -X POST https://api.responsibleailabs.ai/railscore/v1/eval \
  -H "Authorization: Bearer YOUR_RAIL_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"content": "Your AI-generated text here", "mode": "basic"}'

SDK authentication

Both SDKs accept the API key at client construction and attach the header automatically: 
from rail_score_sdk import RailScoreClient
import os

# Pass key directly (fine for scripts)
client = RailScoreClient(api_key="YOUR_RAIL_API_KEY")

# Recommended: read from environment variable
client = RailScoreClient(api_key=os.environ["RAIL_API_KEY"])

Environment variables

Never hardcode API keys in source files. Use environment variables and keep keys out of version control. 
# .env  — add to .gitignore, never commit this file
RAIL_API_KEY=YOUR_RAIL_API_KEY

from dotenv import load_dotenv
import os

load_dotenv()
api_key = os.environ["RAIL_API_KEY"]

Key management

You can create multiple keys for different environments (production, staging, CI). Manage all keys from your dashboard.
ActionWhen to use
Generate keyNew environment, onboarding a new service, or rotating credentials on schedule
Rename keyAdd context like “production-chatbot” or “staging-ci” for usage tracking
Revoke keySuspected leak, employee offboarding, or decommissioning a service. Takes effect immediately.
Zero-downtime rotation: Generate a new key, deploy it to your service and verify it works, then revoke the old key. Swapping takes seconds.

Rate limits

Rate limits are applied per API key. Exceeding the limit returns HTTP 429.
PlanRequests / minRequests / day
Free10100
Pro605,000
Business30050,000
EnterpriseCustomCustom

Security best practices

  • Never expose keys in client-side code. Browsers are public. Always call the API from your backend or serverless function.
  • Store keys in environment variables, never hardcoded in source files or Docker images.
  • Add .env to .gitignore before the first commit so keys are never accidentally pushed.
  • Use separate keys per environment. If staging is compromised, production stays safe.
  • Revoke immediately if exposed. Generate a replacement first, then revoke.
  • Rotate on a schedule. Periodically regenerating keys limits the blast radius of any undetected leak.

Auth error responses

StatusErrorFix
401Missing or malformed Authorization headerAdd Authorization: Bearer …
401Invalid API keyVerify the key starts with rail_ and is copied correctly
403API key revoked or inactiveGenerate a new key from the dashboard
429Rate limit exceededReduce request frequency or upgrade plan

What’s next

Quickstart

Make your first evaluation request in under 5 minutes.

Credits & Pricing

Understand how credits are charged per call.

API Reference

Full parameter reference for all endpoints.

Dashboard

Manage keys, view usage, and monitor credit balance.