Skip to main content

Public access

All core NaijaTaste endpoints are publicly accessible with no authentication:
  • POST /recommend
  • POST /simulate-review
  • GET /places/top-picks
  • GET /place-details/{place_id}
  • GET /cache/stats
  • GET /health
Start building right now. No credentials needed.

Three-key rotation (internal)

The API uses a three-key round-robin rotation on Gemini API keys internally, giving 3× the free-tier quota. This is handled server-side — you don’t need to worry about it as an API consumer.

What an API key tier will cover

A key tier is planned for:
  • Higher rate limits for production integrations
  • Access to user-level persona snapshots (with user consent)
  • Webhooks for cache invalidation events
  • Priority support
Keys will be issued through the API playground at naijataste-api.onrender.com/docs.

Using a key when available

curl -X POST https://naijataste-api.onrender.com/recommend \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{...}'

Security practices

  • Do not embed keys in client-side code or public repositories
  • Store keys in environment variables
  • Rotate immediately if compromised
# .env
NAIJATASTE_API_KEY=your_key_here

// Use in server-side code only
const res = await fetch('https://naijataste-api.onrender.com/recommend', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${process.env.NAIJATASTE_API_KEY}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({ ... })
});

Rate limits

Understand the per-IP limits and how to handle rate limit responses.