Authentication
Fire Mission API keys are prefixed fm_live_ (production) or fm_test_ (test). Each key has its own spend cap, monthly call
cap, and audit trail. Create and rotate keys in the dashboard under API Key Management.
OpenAI surface
Pass your Fire Mission key as a Bearer token, exactly like an OpenAI key:
Authorization: Bearer fm_live_abc123...Anthropic surface
Pass your Fire Mission key as x-api-key, exactly like an Anthropic key:
x-api-key: fm_live_abc123...
anthropic-version: 2023-06-01Key types
| Prefix | Use | Tracked |
|---|---|---|
fm_live_ | Production traffic | Yes — counts against caps and billing |
fm_test_ | CI / staging | Yes — separate spend ledger |
Provider keys (BYOK)
Provider keys for OpenAI, Anthropic, Google, Groq, etc. are configured separately in the dashboard. They are AES-256 encrypted at rest and used only to forward your call to the upstream provider. Fire Mission never persists raw prompts or completions — only metadata. See the BYOK guide for the full lifecycle.
Revoking keys
Revoke a key from the dashboard or via the gateway operation org.api-key.revoke. Revocation is immediate and is recorded in
the audit log with the actor, IP, and reason.