> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cubestack.app/llms.txt
> Use this file to discover all available pages before exploring further.

# API Authentication

> How to authenticate requests to the CubeStack API.

# API Authentication

All authenticated API requests require an API key passed in the request headers.

## Using API Keys

Include your API key in the `X-Api-Key` header:

```bash theme={null}
curl "https://api.cubestack.app/api/v1/{project}/{cube}" \
  -H "X-Api-Key: your-api-key"
```

## Public Endpoints

Cubes with public access enabled can be accessed without authentication:

```bash theme={null}
curl "https://api.cubestack.app/api/v1/{project}/{cube}"
```

<Note>
  Public endpoints only return columns marked as public in the cube settings.
</Note>

## Security Best Practices

* Store API keys in environment variables, not in source code
* Use public access for client-side applications
* Use API keys only in server-side code
* Rotate keys if you suspect they've been compromised
