Getting Started

Authentication

Arc authentication is intentionally separate from the provider key that actually reaches OpenAI, Anthropic, or another upstream.

Request Auth Key Model Errors

Request Authentication

Every call to Arc uses Authorization: Bearer arc_live_.... Arc validates the Arc key, resolves the workspace and project context, then loads the correct provider key internally.

http

Authorization: Bearer arc_live_<your-key>

Key Model

Arc key

Presented by your app on every request. Used for workspace authentication, attribution, rate limiting, and logging.

Provider key

Stored in Arc and decrypted server-side before the upstream request is made. Your app does not send it directly.

Implication

Rotating provider credentials does not require updating every client integration that already talks to Arc.

Error Cases

401 Unauthorized

status

Missing, malformed, empty, or invalid Arc key.

400 Bad Request

status

Bad request shape such as unsupported provider inference or invalid routing config.

502 Bad Gateway

status

The upstream provider returned an error or the Arc proxy could not connect cleanly.

504 Gateway Timeout

status

The upstream provider timed out while Arc was waiting for a response.

Quickstart

Routes