Authentication
Learn how to authenticate your requests to the Carapis API.
API Keys
All API requests require authentication using an API key. You can obtain your API key from the Carapis dashboard.
Getting Your API Key
- Sign up for a Carapis account
- Navigate to the API Keys section
- Generate a new API key
- Keep your API key secure and never share it publicly
Authentication Methods
Header Authentication (Recommended)
Include your API key in the Authorization header:
curl -H "Authorization: Bearer YOUR_API_KEY" \
https://api.carapis.com/v1/encar/vehicles
Query Parameter Authentication
You can also pass the API key as a query parameter:
curl "https://api.carapis.com/v1/encar/vehicles?api_key=YOUR_API_KEY"
Security Best Practices
- Never expose your API key in client-side code
- Use HTTPS for all API requests
- Rotate your API keys regularly
- Monitor your API usage for suspicious activity
- Use environment variables to store API keys
Rate Limiting
API keys are subject to rate limiting. See the Rate Limits documentation for details.
Error Responses
If authentication fails, you'll receive a 401 Unauthorized response:
{
"error": "authentication_failed",
"message": "Invalid API key",
"status": 401
}