Claude Code with an Anthropic API Key

This guide walks you through routing Claude Code traffic through Glitch when your team authenticates Claude Code with an Anthropic API key (sk-ant-...). For the Pro/Max subscription OAuth flow, see Claude Code with a Max Subscription instead.

Prerequisites

Claude Code installed. Latest version recommended; install instructions at code.claude.com.
Anthropic API key. A sk-ant-... token from console.anthropic.com.
Glitch account. Sign up at app.golabrat.ai if you don’t have one.
Glitch sensor reachable from your machine. Either the SaaS sensor at your assigned subdomain, or a self-hosted sensor on your network.

Step 1: Create a Glitch API key

The Glitch API key authenticates your team to the gateway and ties every Claude Code session to a specific Glitch project, policy, and audit trail.

Sign in to app.golabrat.ai.
Navigate to Settings → API Keys (or your project’s Keys tab).
Click Create API Key, name it something like claude-code-{team}, and pick the project whose detection policy should apply.
Copy the generated key. It looks like glitch_sk_... and is shown only once.

You’ll set this as X-Glitch-Key in the next step. Lose it and you’ll need to mint a new one.

Step 2: Configure Claude Code

Claude Code reads three environment variables to point itself at a gateway. Set them in your shell profile (.zshrc / .bashrc) or in Claude Code’s settings.json:

# Where Claude Code sends requests (was: api.anthropic.com)
export ANTHROPIC_BASE_URL="https://your-glitch-sensor.example.com"

# Your existing Anthropic API key. Forwarded verbatim by Glitch to upstream.
export ANTHROPIC_API_KEY="sk-ant-..."

# Glitch tenant authentication. Goes in a custom header that Claude Code
# attaches to every outbound request.
export ANTHROPIC_CUSTOM_HEADERS="X-Glitch-Key: glitch_sk_..."

Environment variables explained

Variable	Purpose
`ANTHROPIC_BASE_URL`	Redirects Claude Code’s requests from `api.anthropic.com` to your Glitch sensor. The sensor then forwards to Anthropic upstream after running detection.
`ANTHROPIC_API_KEY`	Your Anthropic API key. Claude Code sends it as `Authorization: Bearer sk-ant-...`. Glitch forwards this header byte-for-byte to `api.anthropic.com` — Glitch never inspects or rewrites it.
`ANTHROPIC_CUSTOM_HEADERS`	Custom HTTP headers Claude Code attaches to every request. Used here to send `X-Glitch-Key` so the Glitch sensor can authenticate your team. The value is a single header line (`Header-Name: value`); for multiple headers use commas.

You can scope these to a specific repo by putting them in .claude/settings.json at the repo root rather than your shell profile. That keeps the Glitch routing local to projects where it matters.

{
  "env": {
    "ANTHROPIC_BASE_URL": "https://your-glitch-sensor.example.com",
    "ANTHROPIC_API_KEY": "sk-ant-...",
    "ANTHROPIC_CUSTOM_HEADERS": "X-Glitch-Key: glitch_sk_..."
  }
}

Step 3: Verify the setup

Run a non-interactive Claude Code prompt and watch it work:

claude -p "Print exactly the word: routed"

If everything is wired correctly, you should see Claude print routed. The request flowed claude → Glitch sensor → api.anthropic.com and back.

Verify with curl directly

If you want to test without Claude Code in the loop, hit the gateway from curl:

curl -sS https://your-glitch-sensor.example.com/v1/messages \
  -H "Content-Type: application/json" \
  -H "X-Glitch-Key: glitch_sk_..." \
  -H "Authorization: Bearer sk-ant-..." \
  -H "anthropic-version: 2023-06-01" \
  -d '{
    "model": "claude-3-5-sonnet-20241022",
    "max_tokens": 32,
    "messages": [{"role": "user", "content": "Say hi in three words."}]
  }'

Expected: a JSON response from Anthropic with id, content, usage, etc. — exactly what api.anthropic.com would return directly, plus risk-score response headers (X-Risk-Blocked, X-Risk-Categories, X-Risk-Confidence) added by Glitch.

Step 4: Inspect the audit log

After running a few prompts:

Open app.golabrat.ai and navigate to Logs for the project.
Filter by request path /v1/messages. Each row corresponds to one Claude Code request.
Click into a log to see the rendered Anthropic conversation — system prompt, tools, user/assistant turns — alongside detection findings, model, token counts, and latency.
Use the session id (visible in metadata) to group all turns from the same Claude Code conversation.

How it works

Claude Code with an API key sends requests like:

POST /v1/messages HTTP/1.1
Host: your-glitch-sensor.example.com
Authorization: Bearer sk-ant-...
X-Glitch-Key: glitch_sk_...
X-Claude-Code-Session-Id: 902dca16-accd-42aa-8a2a-1dd562e45c20
anthropic-version: 2023-06-01
Content-Type: application/json

{
  "model": "claude-3-5-sonnet-20241022",
  "max_tokens": 4096,
  "system": "You are Claude Code...",
  "messages": [{"role": "user", "content": "Refactor this..."}]
}

The Glitch sensor:

Authenticates your team via X-Glitch-Key against the Glitch platform.
Looks up your project’s detection policy (the rules and thresholds you’ve configured).
Runs the detection pipeline against the request body — signature detectors (regex-based) and LLM-based classifiers run in parallel.
Either forwards or blocks:
- If the policy allows the request, Glitch makes a POST to https://api.anthropic.com/v1/messages with Authorization, x-api-key, anthropic-version, and anthropic-beta headers forwarded verbatim. The response (or stream) is piped back to Claude Code with X-Risk-* response headers added.
- If the policy denies the request, Glitch returns a 403 with an Anthropic-shaped error envelope ({"type":"error","error":{"type":"permission_error",...}}). Claude Code surfaces this to the user.
Emits a SecurityEvent to your audit log with: session id, model, input tokens, detector findings, response status, and latency.

X-Glitch-Key is consumed by the sensor and never leaks to upstream. The Authorization header containing your Anthropic key is forwarded byte-for-byte but is redacted to [REDACTED] in audit logs.

Troubleshooting

Claude Code returns “Failed to authenticate. API Error: 401”

Two possible causes:

Glitch tenant auth failed. Your X-Glitch-Key is missing, malformed, or revoked. Check the value of ANTHROPIC_CUSTOM_HEADERS and confirm the key is active in the Glitch dashboard.
Anthropic API key was rejected upstream. Glitch forwards the key verbatim — if Anthropic rejects it, that’s an issue with the key itself. Verify by hitting api.anthropic.com directly with the same key.

To distinguish, check the Glitch logs page for the request: a 401 from Glitch tenant auth shows up there as a failed event; a 401 from upstream shows up as a successful Glitch authentication followed by a 401 response forwarded from Anthropic.

Claude Code returns “API Error: 403 — Request blocked by Glitch security policy”

Detection fired and your project’s policy blocked the request. Open the corresponding event in the Glitch dashboard’s Logs view to see exactly which detector triggered. Common scenarios:

A user prompt that resembles a prompt-injection attempt.
PII content (SSNs, credit cards, etc.) that triggered a signature detector.
A jailbreak signature.

If the block is a false positive, you can adjust your project’s policy threshold for that detector (raise from L2 to L1, change the action from block to log/alert, or move to a less aggressive policy template).

Claude Code can’t connect at all

# Verify the sensor is reachable
curl -sf https://your-glitch-sensor.example.com/health

Expected response: {"status":"healthy", ...}.

If that fails, your ANTHROPIC_BASE_URL is wrong, your network can’t reach the sensor, or the sensor is down. Check the URL spelling, your VPN/firewall, and the Glitch status page if you’re on the SaaS sensor.

Latency is higher than calling Anthropic directly

Glitch adds two things to the request path: tenant verification (one round-trip to the Glitch platform) and detection (signature regex is sub-millisecond; LLM detection adds ~200-800ms depending on model). For latency-sensitive applications, you can scope the detection policy to fewer detectors or move LLM-based detection from block to alert mode.

Claude Code with a Max subscription — the OAuth path
API Reference — full request/response shapes and error codes
Detectors → Threshold Levels — tune detection sensitivity per project