> ## Documentation Index
> Fetch the complete documentation index at: https://www.tella.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Secure your API requests with Bearer tokens

# Authentication

The Tella API uses Bearer token authentication. Every request must include your API key in the Authorization header.

## Getting your API key

1. Sign in to [Tella](https://www.tella.tv)
2. Navigate to **Settings** > **API Keys**
3. Click **Create key**
4. Copy and securely store your key

<Warning>
  API keys are shown only once when created. If you lose your key, you'll need
  to generate a new one.
</Warning>

## Using your API key

Include your API key in the `Authorization` header of every request:

```bash theme={null}
Authorization: Bearer tella_pk_xxxxx...
```

### Example request

```bash theme={null}
curl -H "Authorization: Bearer tella_pk_your_api_key" \
  https://api.tella.com/v1/videos
```

## API key format

Tella API keys follow this format:

```
tella_pk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
```

* Prefix: `tella_pk_` (identifies it as a Tella public API key)
* Suffix: 32 random alphanumeric characters

## Security best practices

<AccordionGroup>
  <Accordion title="Never expose your API key">
    * Don't commit API keys to version control
    * Don't include them in client-side code
    * Use environment variables to store keys
  </Accordion>

  <Accordion title="Use environment variables">
    ```bash theme={null}
    # Set the environment variable
    export TELLA_API_KEY="tella_pk_your_api_key"

    # Use it in your code
    curl -H "Authorization: Bearer $TELLA_API_KEY" \
      https://api.tella.com/v1/videos
    ```
  </Accordion>

  {" "}

  <Accordion title="Rotate keys regularly">
    Generate new API keys periodically and revoke old ones. This limits the impact
    if a key is compromised.
  </Accordion>

  <Accordion title="Use separate keys for different environments">
    Create separate API keys for development, staging, and production environments.
  </Accordion>
</AccordionGroup>

## Error responses

### 401 Unauthorized

Returned when the API key is missing or invalid:

```json theme={null}
{
  "error": "unauthorized",
  "description": "Invalid API key"
}
```

**Common causes:**

* Missing `Authorization` header
* Incorrect API key format
* Revoked or expired API key

### 403 Forbidden

Returned when the API key doesn't have permission for the requested resource:

```json theme={null}
{
  "error": "forbidden",
  "description": "Access denied to this resource"
}
```

## Revoking API keys

To revoke an API key:

1. Go to **Settings** > **API Keys**
2. Find the key you want to revoke
3. Click **Revoke**

Revoked keys immediately stop working for all requests.
