> ## Documentation Index
> Fetch the complete documentation index at: https://docs.okrapdf.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Authenticate API requests with your OkraPDF API key.

## API Keys

All API requests require an API key. Generate keys in your dashboard:

1. Go to [app.okrapdf.com/settings/api-keys](https://app.okrapdf.com/settings/api-keys)
2. Click **Create API Key**
3. Copy the key (starts with `okra_`)

<Warning>
  API keys grant full access to your account. Never expose them in client-side code or public repositories.
</Warning>

## Passing your key

Use one of these two methods:

### Bearer token (recommended)

```bash theme={null}
curl https://api.okra.app/v1/documents \
  -H "Authorization: Bearer okra_YOUR_KEY"
```

### Header

```bash theme={null}
curl https://api.okra.app/v1/documents \
  -H "x-api-key: okra_YOUR_KEY"
```

## Security best practices

* Store keys in environment variables, not in code
* Use different keys for development and production
* Rotate keys periodically
* Revoke keys immediately if compromised

For route-level access boundaries, see [Security Model](/api-reference/security-model).

```bash theme={null}
# .env
OKRA_API_KEY=okra_YOUR_KEY
```

```python theme={null}
import os
import requests

resp = requests.get(
    "https://api.okra.app/v1/documents",
    headers={"Authorization": f"Bearer {os.environ['OKRA_API_KEY']}"},
)
```

## Error responses

Invalid or missing API keys return a `401` status:

```json theme={null}
{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or revoked API key."
  }
}
```