# Authentication

The Limy API uses API keys for authentication. Include your key in every request — that's it.

## Getting Your API Key

1. Log in to your [Limy dashboard](https://app.limy.ai)
2. Go to **Settings > API Keys**
3. Click **Create Key**, give it a name, and set an expiration
4. Copy the key — it's shown once and cannot be retrieved later

## Making Requests

Include your API key in the `X-API-Key` header:

```bash
curl https://app.limy.ai/api/v1/visibility/mentions \
  -H "X-API-Key: lk_your_api_key_here"
```

That's all you need. No tokens to exchange, no SDKs required.

## Code Examples

### Python

```python
import requests

API_KEY = "lk_your_api_key_here"
BASE_URL = "https://app.limy.ai/api/v1"

response = requests.get(
    f"{BASE_URL}/visibility/mentions",
    headers={"X-API-Key": API_KEY}
)

data = response.json()
```

### JavaScript / TypeScript

```javascript
const API_KEY = 'lk_your_api_key_here';
const BASE_URL = 'https://app.limy.ai/api/v1';

const response = await fetch(
  `${BASE_URL}/visibility/mentions`,
  { headers: { 'X-API-Key': API_KEY } }
);

const data = await response.json();
```

## Key Management

* **Expiration**: Keys expire based on the duration you set at creation (maximum 1 year)
* **Revocation**: Revoke a key instantly from Settings > API Keys
* **Limits**: Up to 5 active keys per account
* **Scope**: API keys provide read-only access to all analytics endpoints

## Security Best Practices

* Store keys in a secret manager (AWS Secrets Manager, Doppler, Vault, etc.)
* Never commit keys to source control
* Rotate keys periodically — create a new key before revoking the old one
* Use one key per integration so you can revoke individually

## Error Responses

| Status             | Meaning                                                  |
| ------------------ | -------------------------------------------------------- |
| `401 Unauthorized` | Missing, invalid, expired, or revoked API key            |
| `403 Forbidden`    | Valid key but insufficient permissions for this endpoint |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://api-reference.limy.ai/getting-started/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.