Production Authentication

Production deployments need secure credential management, environment-specific configurations, and proper secret handling. This guide covers advanced authentication patterns.

For basic SDK setup, see the Quickstart. This page covers production-ready authentication patterns.

Using .env Files for Local Development

For local development, use environment variable management tools to load secrets from a .env file: 1. Create a .env file with your api key:

.env

BREAD_API_KEY=your_api_key_here

2. Load in your application:

Python
TypeScript

Install python-dotenv:

pip install python-dotenv

Or using uv:

uv pip install python-dotenv

Then load in your application:

import os
from dotenv import load_dotenv
from aibread import Bread

load_dotenv()  # Loads .env file

client = Bread(api_key=os.environ.get("BREAD_API_KEY"))

Note: If BREAD_API_KEY is already set as an environment variable (e.g., in production), you don’t need python-dotenv. The SDK will automatically read from the environment variable if you instantiate without passing api_key:

from aibread import Bread

# SDK automatically reads BREAD_API_KEY from environment
client = Bread()

Option 1: Using environment variables directly (no package needed)If BREAD_API_KEY is already set as an environment variable, you can use it directly:

import Bread from '@aibread/sdk';

// SDK automatically reads BREAD_API_KEY from process.env
const client = new Bread();

Or explicitly pass it:

import Bread from '@aibread/sdk';

const client = new Bread({
  apiKey: process.env.BREAD_API_KEY,
});

Option 2: Loading from .env file (for local development)If you want to load from a .env file, install dotenv:

npm install dotenv

Then load in your application:

import 'dotenv/config';
import Bread from '@aibread/sdk';

const client = new Bread({
  apiKey: process.env.BREAD_API_KEY,
});

Note: Many frameworks (Next.js, Vercel, etc.) automatically load .env files, so you may not need dotenv if you’re using one of these frameworks. Check your framework’s documentation for environment variable handling.

Add .env to your .gitignore to prevent committing secrets to version control:

echo ".env" >> .gitignore

Supported Environment Variables

The SDK reads these environment variables:

Variable	Description	Default
`BREAD_API_KEY`	API authentication key	Required
`BREAD_LOG`	Logging level (`info` or `debug`)	None

Best Practices

Use Environment Variables

Store API keys in environment variables, not in source code. This makes it easy to rotate keys and use different keys per environment.

Never Commit Keys

Add .env and any files containing secrets to .gitignore. Use secret management systems in production.

Monitor Key Usage

Track API key usage to detect unauthorized access or anomalous behavior.

Secret Management in Production

For production deployments, use secure secret management:

Python
TypeScript

import boto3
from aibread import Bread

def get_secret():
    client = boto3.client('secretsmanager', region_name='us-east-1')
    response = client.get_secret_value(SecretId='bread/api_key')
    return response['SecretString']

bread_client = Bread(api_key=get_secret())

import { SecretsManagerClient, GetSecretValueCommand } from '@aws-sdk/client-secrets-manager';
import Bread from '@aibread/sdk';

async function getSecret(): Promise<string> {
  const client = new SecretsManagerClient({ region: 'us-east-1' });
  const command = new GetSecretValueCommand({ SecretId: 'bread/api_key' });
  const response = await client.send(command);
  return response.SecretString ?? '';
}

const apiKey = await getSecret();
const breadClient = new Bread({ apiKey });

Next Steps

Production Patterns

Add error handling, retries, and monitoring

Error Handling

Handle authentication and API errors

Complete Your First Bake

Start baking with the authenticated SDK

Quickstart

Back to basic SDK setup

Getting Started

Baking Guides

Using Baked Models

SDK Guides

Configuration

Using .env Files for Local Development

Supported Environment Variables

Best Practices

Secret Management in Production

Next Steps

Production Patterns

Error Handling

Complete Your First Bake

Quickstart

Getting Started

Baking Guides

Using Baked Models

SDK Guides

Configuration

​Using .env Files for Local Development

​Supported Environment Variables

​Best Practices

​Secret Management in Production

​Next Steps

Production Patterns

Error Handling

Complete Your First Bake

Quickstart

Using .env Files for Local Development

Supported Environment Variables

Best Practices

Secret Management in Production

Next Steps