Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.nusomi.com/llms.txt

Use this file to discover all available pages before exploring further.

All Nusomi requests are authenticated with an API key passed in the Authorization header.

API key formats

PrefixEnvironmentNotes
nsk_live_…ProductionReal captures and exports. Bill against your account.
nsk_test_…Test modeNo data persisted past 7 days. Free.
nsk_local_…Self-hostedIssued by your own deployment. Never leaves your VPC.
API keys are scoped to a workspace. A workspace can have multiple keys (one per service / engineer / CI pipeline).

Setting the key

export NUSOMI_API_KEY="nsk_live_..."
Never commit API keys to source control. Use .env files locally, your secret manager (Vault, AWS Secrets Manager, GitHub Actions secrets) in CI.

Rotating a key

  1. Issue a new key in the dashboard (Workspace → API keys → New key).
  2. Roll the new key into your environment.
  3. Revoke the old key once traffic has shifted.
Old keys keep working until revoked — there’s no time limit on coexistence so rotations don’t have to be instant.

Scopes

API keys carry one of three scopes:
ScopeCan doCannot do
readQuery sessions, events, exportsCreate or modify recordings
writeEverything read can + create / start / stop sessionsManage webhooks, billing, members
adminEverything write can + manage webhooks, billing, members
Default scope on new keys is write. Reduce to read for analytics dashboards or third-party integrations that only consume data.

Self-hosted authentication

In a self-hosted deployment, keys are minted by your own control plane. They never reach Nusomi infrastructure. See Self-hosted overview for the auth flow.