> ## Documentation Index
> Fetch the complete documentation index at: https://docs.veedcrawl.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authenticate Requests to the Veedcrawl API

> Every /v1/* endpoint requires an x-api-key header. Learn how to get a key, pass it correctly, and manage multiple keys per project.

Every request to a `/v1/*` endpoint must include your API key. Veedcrawl uses a single header-based authentication scheme — no OAuth flow, no token exchange. Add the header and your request is authenticated.

## Get your API key

Sign up at [veedcrawl.com/login](https://veedcrawl.com/login). Every new account receives **50 free credits** with no credit card required. Your API key is available in the dashboard immediately after signup.

## Pass the key in requests

Include your API key in the `x-api-key` header on every request to a `/v1/*` endpoint:

```bash theme={null}
curl "https://api.veedcrawl.com/v1/metadata?url=https://www.youtube.com/watch?v=dQw4w9WgXcQ" \
  -H "x-api-key: YOUR_KEY"
```

The `/health` endpoint does not require authentication. All other endpoints do.

<Tip>
  `X_API_KEY` is also accepted as an alternative header name, which matches the environment variable convention used by the MCP server.
</Tip>

## Manage keys via the API

You can create, list, and revoke API keys programmatically through the `/v1/keys` endpoints. All key management calls are free and require an existing valid key in the `x-api-key` header.

**List all keys for your org:**

```bash theme={null}
curl "https://api.veedcrawl.com/v1/keys" \
  -H "x-api-key: YOUR_KEY"
```

**Create a new key:**

```bash theme={null}
curl -X POST "https://api.veedcrawl.com/v1/keys" \
  -H "x-api-key: YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name": "my-agent"}'
```

**Revoke a key by ID:**

```bash theme={null}
curl -X DELETE "https://api.veedcrawl.com/v1/keys/key_abc123" \
  -H "x-api-key: YOUR_KEY"
```

<Tip>
  Create a separate API key for each project, agent, or integration. If a key is compromised or you want to cut off a specific workflow, you can revoke just that key without affecting anything else.
</Tip>

## Error reference

| Status | Error code     | Cause                                                                                                 |
| ------ | -------------- | ----------------------------------------------------------------------------------------------------- |
| `401`  | `unauthorized` | The `x-api-key` header is missing or the key is invalid.                                              |
| `403`  | `forbidden`    | The key is valid but your account has insufficient credits or the request exceeds your plan's access. |

All error responses follow the same shape:

```json theme={null}
{
  "error": "unauthorized",
  "message": "Missing or invalid API key",
  "details": null,
  "documentationUrl": null
}
```

If you receive a `401`, check that the header name is exactly `x-api-key` and that the key value matches what's shown in your dashboard. If you receive a `403`, check your remaining credits at `GET /v1/me`.
