Authentication
Navon uses bearer tokens. Create a key in the customer portal under your project, then pass it on every request:
Authorization: Bearer $NAVON_API_KEYKeys and scope
Section titled “Keys and scope”- Keys are scoped to a project, so usage and billing stay separate per team.
- Access is controlled through the portal with RBAC and SAML SSO; partners get keys through SSO and credits rather than shared secrets.
- Treat keys as secrets. Rotate them from the portal if one is exposed.
Data handling
Section titled “Data handling”Requests are served in-country. By default the Token Factory runs in zero-retention mode: prompts and outputs are not stored and are never used for training. Data residency and retention are covered by the Trust, Security & Governance layer.