# Authentication

> How to authenticate your API requests

All API requests must be authenticated with an API key. Create API keys in your Autype dashboard under **Settings → API Keys**.

## Providing your API key

Include your API key in the `X-API-Key` header (case-insensitive):

```bash
curl -H "X-API-Key: ak_your_api_key_here" https://api.autype.com/api/v1/dev/...
```

<Warning>
  Only API keys with the `ak_` prefix are accepted. Bearer authentication and JWT tokens are not supported on the Developer API.
</Warning>

## API key scope

* API keys are bound to your organization
* All operations and resources are scoped to your organization
* Credit costs are deducted from your organization's balance

## Security best practices

<AccordionGroup>
  <Accordion title="Never expose your API key in client-side code">
    API keys should only be used in server-side applications. Never include them in JavaScript that runs in the browser.
  </Accordion>

  <Accordion title="Use environment variables">
    Store your API key in environment variables rather than hardcoding it in your source code.

    ```bash
    export AUTYPE_API_KEY=ak_your_api_key_here
    ```
  </Accordion>

  <Accordion title="Rotate keys regularly">
    Create new API keys periodically and revoke old ones. You can manage keys in your dashboard.
  </Accordion>

  <Accordion title="Use separate keys for different environments">
    Create separate API keys for development, staging, and production environments.
  </Accordion>
</AccordionGroup>
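
The environment-variable practice above, combined with the `ak_` prefix rule, can be enforced in a small shell wrapper. This is an added example, not code from Autype: the function names are hypothetical, and the caller supplies the full URL because the endpoint path is elided on this page.

```bash
# Added example: helper names are hypothetical, not part of Autype's tooling.
# AUTYPE_API_KEY, the X-API-Key header and the ak_ prefix come from this page.

# Return 0 if the key is usable, 1 if it is unset, 2 if the prefix is wrong,
# 3 if it contains characters that could break out of the header line.
autype_check_key() {
  if [ -z "${AUTYPE_API_KEY:-}" ]; then
    echo "AUTYPE_API_KEY is not set" >&2
    return 1
  fi
  case "$AUTYPE_API_KEY" in
    ak_?*) ;;
    *) echo "AUTYPE_API_KEY must start with ak_" >&2; return 2 ;;
  esac
  # Strip whitespace, control characters, quotes and backslashes; any
  # difference means the value is not safe to place in a header.
  _cleaned=$(printf '%s' "$AUTYPE_API_KEY" | tr -d '[:space:][:cntrl:]"\\')
  if [ "$_cleaned" != "$AUTYPE_API_KEY" ]; then
    echo "AUTYPE_API_KEY contains unsafe characters" >&2
    return 3
  fi
  return 0
}

# Print a curl config line carrying the header. Feeding this to
# `curl --config -` keeps the key out of curl's argv, where other local
# users could read it from the process list.
autype_curl_config() {
  autype_check_key || return $?
  printf 'header = "X-API-Key: %s"\n' "$AUTYPE_API_KEY"
}

# GET a Developer API URL passed as $1. Fails before any network call
# if the key is missing or malformed.
autype_get() {
  autype_check_key || return $?
  autype_curl_config | curl --silent --show-error --fail --config - "$1"
}
```

Source the file in a server-side script and call `autype_get` with the endpoint URL; a non-zero return from `autype_check_key` means no request was sent.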

## Error responses

| Status Code | Message                      | Description                                |
| ----------- | ---------------------------- | ------------------------------------------ |
| 401         | `API key is required`        | No API key was provided in the request     |
| 401         | `Invalid or expired API key` | The API key is invalid or has been revoked |
