Skip to content

Authentication

SIX supports two authentication methods that can be used independently or together.

Method 1: API Key (Standard)

The simplest method. Include your API key in the Authorization header:

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://six-sov.com/v1/chat/completions

This is compatible with any OpenAI client library.

Method 2: Cryptographic Signatures

For higher-assurance environments, SIX supports cryptographic signature authentication on every request. This provides:

  • Non-repudiation — proof that your organization sent the request
  • Tamper detection — any modification to the payload invalidates the signature
  • Key sovereignty — you generate and control your keys; SIX never stores your private key

Available Under NDA

Cryptographic authentication details (key generation, signature format, verification flow) are documented in the full technical specification provided to NDA partners.

How It Works (Conceptual)

  1. You generate a keypair on your infrastructure
  2. You sign each request payload with your private key
  3. SIX verifies the signature against your registered public key
  4. Both methods can coexist — API key + signature for belt-and-suspenders

Dual Authentication

You can use both methods simultaneously:

Mode API Key Signature Security Level
Standard Required Production-ready
Signed Required Required High-assurance
Belt & Suspenders Required Required Maximum

Key Management

Principle Implementation
Your keys, your control You generate keypairs; SIX never sees private keys
Public key registration Share your public key during onboarding
Key rotation Register new public keys at any time
Revocation Deactivate compromised keys immediately
Cryptographic Auth Documentation
Full key generation, signing, and verification documentation is available to NDA partners.

Request documentation →

Next Steps