Authentication

Visgate supports three authentication methods depending on your environment.

API Key

The simplest approach. Set VISGATE_API_KEY as an environment variable or pass it directly to the client.

from visgate_sdk import Client
 
# Option 1: Environment variable (recommended)
# export VISGATE_API_KEY="vg-..."
client = Client()
 
# Option 2: Explicit key
client = Client(api_key="vg-...")

Server Proxy

For browser apps, never expose your API key in client-side code. Use a server-side proxy that injects the key before forwarding requests to Visgate.

The @visgate_ai/server-proxy package provides a ready-made proxy for Next.js and any Node.js server.

npm install @visgate_ai/server-proxy

Next.js App Router

Create the proxy route:

export const maxDuration = 300;
export { GET, POST, PUT, DELETE, OPTIONS } from "@visgate_ai/server-proxy/next";

Then configure the client:

import { Client } from "@visgate_ai/client";
 
const client = new Client({ proxyUrl: "/api/visgate" });
const result = await client.generate("a sunset");

Custom Server

For Express, Hono, or any Node.js server:

import { proxyToVisgate } from "@visgate_ai/server-proxy";
 
const response = await proxyToVisgate(request, {
  pathSegments: ["images", "generate"],
});

See Server Proxy Setup for full details.

Session Auth

When your app uses session tokens (e.g. Firebase ID tokens), pass a getToken function so the client sends a fresh Bearer token on each request. The proxy forwards it to the API.

import { Client } from "@visgate_ai/client";
 
const client = new Client({
  proxyUrl: "/api/visgate",
  getToken: async () => {
    return (await auth.currentUser?.getIdToken()) ?? "";
  },
});