Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.esheria.ai/llms.txt

Use this file to discover all available pages before exploring further.

API keys identify the client calling the Regulatory Pack API. Treat keys as production credentials. Esheria issues API keys during customer or pilot onboarding. Ask your Esheria workspace owner or Esheria contact for a key, then store it in your shell for local testing or in your service secret manager for production use.

Local Setup

export ESHERIA_API_BASE_URL="https://reg-api.esheria.co.ke"
export ESHERIA_API_KEY="YOUR_ESHERIA_API_KEY"
export ESHERIA_DEFAULT_PACK_ID="KE-DATA-PROTECTION"
For long-running services, store keys in the host secret manager and inject them as environment variables at runtime.

Test A Key

curl --compressed -sS \
  "$ESHERIA_API_BASE_URL/api/v1/domain-packs?limit=1" \
  -H "x-api-key: $ESHERIA_API_KEY" | jq
A valid key returns status: ok. An invalid key returns the normal error envelope with unauthorized.

CLI Configuration

The CLI reads the same environment variables. 
esheria doctor --pack "$ESHERIA_DEFAULT_PACK_ID" --format json
The CLI redacts credential status in diagnostics. It should report whether a key is set or missing, never the key value.

Rotation Checklist

  1. Issue a new key.
  2. Deploy the new key to services and MCP hosts.
  3. Run esheria packs list --format json.
  4. Revoke the old key.
  5. Remove exposed key material from shell history, logs, and screenshots.

Common Failure Modes

SymptomCauseResolution
Works in one terminal but not anotherEnvironment variable was exported only in one shellRe-export the key or use your shell profile carefully
CLI calls SSH or another commandA local alias shadows esheriaRun type -a esheria and remove the alias
Browser playground fails on pilot URLHTTPS docs page calling an HTTP pilot server can be blockedUse the production HTTPS base URL for browser-based playgrounds