> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sunor.cc/llms.txt
> Use this file to discover all available pages before exploring further.
# Authentication
> Authenticate your Suno API requests with an x-api-key header. Get your API key from the Sunor dashboard.
All API requests require authentication via an API key passed in the `x-api-key` HTTP header.
## Getting your API key
1. Sign in to your [sunor dashboard](https://sunor.cc/dashboard).
2. Navigate to [API Keys](https://sunor.cc/dashboard/api-keys).
3. Click **Create API Key** and give it a name.
4. Copy the key immediately -- it will only be shown once.
## Using your API key
Include the `x-api-key` header in every request:
```bash cURL theme={null}
curl -X GET https://sunor.cc/api/v1/account/balance \
-H "x-api-key: YOUR_API_KEY"
```
```python Python theme={null}
import requests
response = requests.get(
"https://sunor.cc/api/v1/account/balance",
headers={"x-api-key": "YOUR_API_KEY"},
)
print(response.json())
```
```javascript Node.js theme={null}
const response = await fetch("https://sunor.cc/api/v1/account/balance", {
headers: { "x-api-key": "YOUR_API_KEY" },
});
const data = await response.json();
console.log(data);
```
## Error responses
| Status | Meaning |
| ------ | ------------------------------------- |
| `401` | Missing or invalid `x-api-key` header |
Example error response:
```json theme={null}
{
"code": 401,
"message": "Missing x-api-key header"
}
```
## Security tips
**Never expose your API key in client-side code.** API keys should only be used in server-side applications or secure environments.
* Store your API key in environment variables, not in source code.
* Rotate keys periodically from the [API Keys](https://sunor.cc/dashboard/api-keys) page.
* If you suspect a key has been compromised, delete it immediately and create a new one.
* Each key is tied to your account -- anyone with the key can use your credits.