Authentication
Create, send, separate, and revoke Search1API API keys safely.
Search1API uses bearer tokens. Send the same header to every authenticated endpoint at https://api.search1api.com:
Authorization: Bearer YOUR_API_KEYGet a key
Sign in at dashboard.search1api.com, open API Keys, and create a key. The dashboard lets you label, reveal, copy, and delete existing keys.
Keep keys server-side
Treat a key like a password. Store it in an environment variable or secret manager, and never expose it in browser code, mobile binaries, logs, or a public repository.
Anyone who has the key can make requests against your account balance. If a key leaks, replace it and delete the old key immediately.
Separate keys by workload
Use different keys for environments or services so you can identify traffic and revoke one integration without interrupting the others. Add a clear label in the dashboard, such as production-api, staging, or claude-mcp.
All keys owned by the same account draw from the same credit balance. Separate keys improve attribution and revocation; they do not create separate balances.
Rotate or revoke a key
There is no in-place rotation action. To replace a key:
- Create a new key.
- Update the application or integration.
- Confirm requests succeed with the new key.
- Delete the old key.
Deleting a key revokes it. Requests that continue using it return 401 Unauthorized.
Authentication failures
An invalid or revoked bearer token returns 401. A request with no bearer token currently receives a 402 payment challenge on paid endpoints because Search1API also supports pay-per-request payment protocols.
See Error handling for response bodies and recovery guidance.