Authenticate API Requests

After a project connection is completed, send the same global API key with every request for that project:

Authorization: Bearer YOUR_API_KEY

The project identifier in the endpoint path or request must match an active connection saved under that key. A valid key without a connection to the requested project receives project_not_connected with HTTP 403.

Use GET /v1/auth/connections to list project IDs connected to the current key. Use POST /v1/auth/connections/validate with project_id to verify a key-to-project connection.

Never place a real API key in documentation, logs, client-side code, or source control.