> ## Documentation Index
> Fetch the complete documentation index at: https://storeinspect.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Authenticate StoreInspect API requests with a paid-plan API key.

StoreInspect API requests use Bearer authentication.

```bash theme={null}
curl https://storeinspect.com/api/v1/usage \
  -H "Authorization: Bearer $STOREINSPECT_API_KEY"
```

## Key handling

* Store API keys in server-side environment variables.
* Do not send API keys in query strings.
* Use separate keys for separate integrations when possible.
* Rotate keys immediately if they are exposed.

<Note>
  API access is paid-plan gated. Public docs and `/openapi.json` remain accessible without an API key.
</Note>

## Request IDs

Every API response includes an `X-Request-Id` header and a `request_id` field in the JSON body.

Include the request ID when contacting support.

```text theme={null}
X-Request-Id: req_abc123
```

StoreInspect request logs are privacy-safe. They do not store raw API keys or revealed contact channels.