> ## Documentation Index
> Fetch the complete documentation index at: https://docs.licensesearcher.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Authenticate requests with a state-scoped API key.

The LicenseSearcher API uses an API key to authenticate requests. You can view and manage keys in your [Dashboard](https://licensesearcher.com/login).

Pass your key as a bearer token in the `Authorization` header. All API calls must be made over HTTPS — calls without authentication fail with a `401`.

```bash theme={null}
curl "https://api.licensesearcher.com/v2/search?state=ny&name=bernardin" \
  -H "Authorization: Bearer YOUR_API_KEY"
```

## State scoping

API keys are scoped to specific states. To make an API call for a particular state, your key must be scoped to that state **and** your account must be subscribed to it.

| Scenario                                     | Response |
| -------------------------------------------- | -------- |
| Supported state, key **is** scoped to it     | `200`    |
| Supported state, key is **not** scoped to it | `403`    |
| State LicenseSearcher does not support       | `404`    |

See [Supported States](/supported-states) for the current list.

## Billing and security

<Warning>
  The LicenseSearcher API is billed on a per-request basis, and requests that return a `4xx` status code are **also billed** to your account. Keep your API key secure to prevent unintended charges.
</Warning>

* Don't share your key in publicly accessible places such as GitHub, client-side code, or support tickets.
* Only share your key with people you trust.
* Rotate a key immediately from the Dashboard if you believe it has been exposed.
