# Authentication ### API Key Authentication Rialto uses simple API key authentication to secure API calls. This means that users need to include their API key into they API calls headers, using an `RIALTO_API_KEY` field. Please find below an example of query including an API key usage. ```bash curl --location 'https://staging.api.rialtobridge.xyz/api/client/v1/transactions' \ -X GET \ --header 'Content-Type: application/json' \ --header 'RIALTO_API_KEY: ab3bcq9ynhJ2Om85fLSlEfn3YXiolngd4m3n0rDm8Sg=' ``` ### API Key Management API keys can be queried by verified accounts for which API access has been enabled. You can directly manage your API keys through Rialto's application, in the dedicated menu. Please note the following: * API keys are only shown once when you request them. Rialto never stores plain API keys in database, so if you lose them there will be no way of getting them back. * API keys allow any user that has access to them to use the associated account. API keys should **never be shared to an unintended audience**. Please keep your API keys secret and secure. * You can have 3 active API keys at the same time. If you reached the limit, you need to disable an active key before creating a new one. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.rialtobridge.xyz/concepts/authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.