Authentication
Bearer tokens everywhere
Use a Hermes API key for server-to-server calls. Keep secrets in a secure store and rotate them regularly.
X-Hermes-Key: $HERMES_API_KEYContent-Type: application/json
export HERMES_API_KEY=sk_... curl -sS https://api.hermes-api.dev/health \ -H "X-Hermes-Key: $HERMES_API_KEY"