> ## Documentation Index
> Fetch the complete documentation index at: https://developers.mageloyalty.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Authenticate requests to the Mage Loyalty API using API keys.

## API keys

All API requests must include your API key in the `Authorization` header. No `Bearer` prefix is needed.

```bash theme={null}
curl https://api.mageloyalty.com/v1/customers \
  -H "Authorization: your-api-key-here"
```

API keys are generated in the Mage Loyalty dashboard under **Settings > API Keys** (Growth plan and above).

<Warning>
  API keys grant access to your loyalty program data. Never expose full-access keys in client-side code.
</Warning>

## Scopes

Each API key has one of two access levels:

| Scope           | Description                               |
| --------------- | ----------------------------------------- |
| **Full access** | Can perform all read and write operations |
| **Read only**   | Can only perform `GET` requests           |

Use **read-only keys** if you do not wish to manipulate any loyalty data via the API.

Attempting a write operation with a read-only key returns `403 Forbidden`:

```json theme={null}
{
  "errors": [
    {
      "status": "403",
      "title": "Forbidden",
      "detail": "This API key is read-only and cannot perform write operations"
    }
  ]
}
```

## Missing or invalid key

Requests without a valid API key return `401 Unauthorized`:

```json theme={null}
{
  "errors": [
    {
      "status": "401",
      "title": "Unauthorized",
      "detail": "Missing Authorization header"
    }
  ]
}
```