> ## Documentation Index
> Fetch the complete documentation index at: https://apixo.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Learn how to authenticate your API requests

All APIXO API requests require authentication using a Bearer token.

## Get Your API Key

<Steps>
  <Step>
    ### Create an Account

    Sign up at [apixo.ai](https://apixo.ai) if you haven't already.
  </Step>

  <Step>
    ### Access the Dashboard

    Navigate to **Dashboard** → **API Keys**.
  </Step>

  <Step>
    ### Generate a Key

    Click **Create New Key**, give it a name, and copy the key immediately.

    <Warning>
      API keys are only shown once. Store it securely.
    </Warning>
  </Step>
</Steps>

## Using Your API Key

Include your API key in the `Authorization` header of every request:

```
Authorization: Bearer YOUR_API_KEY
```

<Tabs>
  <Tab title="cURL">
    ```bash theme={null}
    curl -X POST https://api.apixo.ai/api/v1/generateTask/nano-banana \
      -H "Authorization: Bearer YOUR_API_KEY" \
      -H "Content-Type: application/json" \
      -d '{"request_type": "async", "input": {"prompt": "A sunset"}}'
    ```
  </Tab>

  <Tab title="JavaScript">
    ```javascript theme={null}
    const response = await fetch('https://api.apixo.ai/api/v1/generateTask/nano-banana', {
      method: 'POST',
      headers: {
        'Authorization': 'Bearer YOUR_API_KEY',
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({
        request_type: 'async',
        input: { prompt: 'A sunset' }
      }),
    });

    const data = await response.json();
    console.log(data.data.taskId);
    ```
  </Tab>

  <Tab title="Python">
    ```python theme={null}
    import requests

    response = requests.post(
        'https://api.apixo.ai/api/v1/generateTask/nano-banana',
        headers={
            'Authorization': 'Bearer YOUR_API_KEY',
            'Content-Type': 'application/json',
        },
        json={
            'request_type': 'async',
            'input': {'prompt': 'A sunset'}
        }
    )

    data = response.json()
    print(data['data']['taskId'])
    ```
  </Tab>
</Tabs>

## Security Best Practices

<CardGroup>
  <Card title="Never expose keys in client-side code">
    API keys should only be used in server-side applications
  </Card>

  <Card title="Use environment variables">
    Store keys in `.env` files, never commit them to git
  </Card>

  <Card title="Rotate keys regularly">
    Create new keys and revoke old ones periodically
  </Card>

  <Card title="Set up IP allowlists">
    Restrict key usage to specific IP addresses in the dashboard
  </Card>
</CardGroup>

## Error Responses

If authentication fails, you'll receive:

```json theme={null}
{
  "code": 401,
  "message": "Invalid or missing API key"
}
```

Common causes:

* Missing `Authorization` header
* Invalid or revoked API key
* Key doesn't have permission for the requested model

## Next Steps

Now that you're authenticated, try the [Quickstart](/quickstart) guide to generate your first image.
