401 Unauthorized.
Browser sessions
When you sign in at wuweism.com, your session is established automatically. All API requests made from the browser include your session credentials — no extra setup required.Programmatic access
To call the API from outside a browser (scripts, automation, server-side integrations), include your session token in every request:1
Sign in to your account
Go to wuweism.com and sign in with your email and password.
2
Obtain your session token
After signing in, retrieve your access token from your account settings under API Access, or from the session cookie set by your browser (
sb-access-token). You can also use the Supabase client library to sign in programmatically and receive the token in the response.3
Pass the token on every request
Include the token in the
Authorization header:4
Refresh the token before it expires
Session tokens are short-lived. Refresh your token before it expires to avoid
401 Unauthorized errors mid-session. Your auth library will handle this automatically if you use the SDK to sign in.Example request
Request headers
Your Wu-Weism session token, formatted as
Bearer <token>. Required on every API request.Your own AI provider API key (Anthropic, OpenAI, or Gemini). Optional. When provided, Wu-Weism uses this key for the underlying model call. See BYOK keys below.
BYOK AI provider keys
Causal chat and related AI-powered endpoints support Bring Your Own Key (BYOK). Pass your AI provider’s API key in theX-BYOK-Api-Key header to use your own account quota and billing.
Supported providers and their providerId values:
Session token vs. BYOK key — these are two different credentials.
Authorization: Bearer <token>— your Wu-Weism session token. This authenticates you to the Wu-Weism platform.X-BYOK-Api-Key: <key>— your API key from Anthropic, OpenAI, or Google. This is forwarded directly to the AI provider. Wu-Weism does not store this key beyond the duration of the request.
