---
Source: https://docs.microblink.com/platform/api/authentication
Title: Authentication
Description: Authentication methods and API key management for Microblink Platform APIs
---

# Authentication

In order to authenticate API requests, you need to create an API key.

Each organization is limited to five API keys.

## Create an API key

Create an API key in your [organization's](/platform/account-setup) settings page, under **API keys**.

Each API key has a name and a set of permissions (roles).

Once created, you can get the `client_id` and `client_secret` values.

![Listing API Keys](/platform/img/list-api-key.png)

:::warning
Keep `client_id` and `client_secret` safely stored.
Do not expose values to end users or client-facing applications.
Consider implementing a regular rotation schedule.
:::

## Authenticate requests

The [Agent API](/platform/api) uses [HTTP Basic authentication](https://datatracker.ietf.org/doc/html/rfc7617).
Pass your `client_id` as the username and `client_secret` as the password in every request.

```
Authorization: Basic {base64(client_id:client_secret)}
```

For example:

```bash
curl --user "{client_id}:{client_secret}" https://api.{region}.platform.microblink.com/agent/...
```


Last updated on Apr 23, 2026