For clean Markdown of any page, append .md to the page URL. For a complete documentation index, see https://documentation.apexverify.com/api-reference/llms.txt. For full documentation content, see https://documentation.apexverify.com/api-reference/llms-full.txt.

# API Authentication

The ApexVerify API uses API keys to authenticate and authorize requests. You must include your unique API key with every request made to our endpoints to identify your client application.

<Note>
  **Security Recommendation**: Keep your API key confidential. Never expose it in client-side application code, public repositories, or unsecured environments.
</Note>

## Authenticating Requests

To authenticate, pass your API key as a custom HTTP header named `X-Api-Key` in all your HTTP requests.

```http
GET /v1/account/credits HTTP/1.1
Host: api.apexverify.com
X-Api-Key: YOUR_API_KEY
```

## Authentication Errors

If an API request is submitted without the `X-Api-Key` header, or if the provided key is invalid or revoked, the server will block the request and return a standard `401 Unauthorized` HTTP status code.

```http
HTTP/1.1 401 Unauthorized
Content-Type: application/json

{
  "message": "Unauthorized"
}
```