***

title: Authentication
description: Learn how to authenticate requests using API keys.
icon: key
---------

## Obtaining Your API Key

To access our API, you need an API key. You can generate your API key by visiting the [Smallest AI Console](https://console.smallest.ai/apikeys?utm_source=documentation\&utm_medium=api-references).

## Using API Keys

Once you have an API key, you must include it in the `Authorization` header of each request using the **Bearer Token** scheme.

### Example Request

```http
GET /v1/some-endpoint HTTP/1.1
Host: api.smallest.ai
Authorization: Bearer YOUR_API_KEY_HERE
```

## Security Best Practices

* **Keep your API key private**: Do not expose your key in client-side applications.
* **Rotate keys periodically**: Regularly regenerate your API keys to enhance security.
* **Use environment variables**: Store API keys securely instead of hardcoding them in your source code.
* **Monitor API usage**: Keep track of your API calls to detect any unauthorized access.

For more details, visit our [API Documentation](/waves/documentation/getting-started/authentication#model-overview).