​

Authentication

​

API Key Header

Authorization: Bearer YOUR_API_KEY

​

Security Best Practices

• Store API keys securely using environment variables
• Never expose API keys in client-side code or public repositories
• Rotate API keys periodically
• Use separate API keys for development and production

​

Rate Limiting

• 100 requests per minute per API key
• Rate limit headers are included in responses
• Contact us to discuss higher rate limits

​

Error Responses

{
"error": "Unauthorized",
"message": "Invalid or missing API key",
"status": 401
}