---
title: Authentication
description: Learn how to set up TheirStack API authentication with Bearer token API keys — create, manage, and revoke keys directly from your account settings.
url: https://theirstack.com/en/docs/api-reference/authentication
---

Authentication is done via API keys, which you can create and manage in [your account settings](https://app.theirstack.com/settings/api-key). When making a call, specify the API key in the `Authorization` header as a Bearer token:

```
Authorization: Bearer <token>
```

## Getting your API key

1.  Go to [**Settings > API Keys**](https://app.theirstack.com/settings/api-key) and click **Create API key**.
    
2.  Give your key a name and choose an expiration policy — either a specific date or **Never**.
    
3.  Copy your API key and store it somewhere safe. For security reasons, the key is only shown once.
    

## Revoking an API key

If an API key is compromised or no longer needed, you can revoke it immediately.

1.  In [**Settings > API Keys**](https://app.theirstack.com/settings/api-key), find the key you want to revoke and click the **menu icon** (three dots) on the right, then select **Revoke**.
    
2.  Confirm the revocation. The key will stop working immediately and this action cannot be undone.