nineninesix.ai API

Authentication

Learn how to authenticate your requests to the Nineninesix API.

All API requests require an API key. Keys are scoped to a project within your organization.

API Keys

API keys follow the format sk_996_<prefix>_<secret> and are created from your dashboard.

API keys are shown only once at creation. Store them securely — we only keep a hash on our end.

Using Your Key

Pass the key as a Bearer token (or in the X-API-Key header):

Authorization: Bearer sk_996_your_api_key

For WebSocket connections that can't set headers, pass the key as a query parameter: ?api_key=sk_996_....

Full Example

curl
curl -N https://api.nineninesix.ai/tts/bytes \
  -H "Authorization: Bearer sk_996_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"model_id":"gepard-1.0","transcript":"Hello!","voice":{"mode":"id","id":"<voice-id>"},"output_format":{"container": "wav", "encoding": "pcm_s16le", "sample_rate": 22050}}'

With an SDK

Python
from cartesia import Cartesia

client = Cartesia(
    api_key="sk_996_your_api_key",
    base_url="https://api.nineninesix.ai",
)
Node.js
import { Cartesia } from "@cartesia/cartesia-js";

const client = new Cartesia({
  apiKey: "sk_996_your_api_key",
  baseURL: "https://api.nineninesix.ai",
});

Security Best Practices

  • Never expose keys in client-side code — always call the API from your server
  • Use environment variables to store keys (e.g. NINENINESIX_API_KEY)
  • Rotate keys regularly — revoke old keys and generate new ones from the dashboard
  • Use separate keys for development and production

Key Management

You can manage your API keys from the API Keys page:

  • Create — generate a new key with a descriptive name
  • Revoke — immediately disable a key (cannot be undone)
  • Monitor — see when each key was last used

On this page