> ## Documentation Index
> Fetch the complete documentation index at: https://docs.import.kopagari.com/llms.txt
> Use this file to discover all available pages before exploring further.

# authentication

All endpoints are protected. Every request must carry a valid API key.

## Getting a key

API keys are issued by the API operator. To request one, contact [info@bsa.ai](mailto:info@bsa.ai). You will receive a key that looks like:

```text theme={null}
tra_live_3f9a…c2b1
```

<Warning>
  Treat your key like a password. Don't commit it to source control or expose it in client-side code. If a key leaks, ask for it to be revoked and a new one issued.
</Warning>

## Sending your key

Provide the key on every request using **either** header:

<CodeGroup>
  ```bash Authorization (Bearer) theme={null}
  curl https://import.kopagari.com/v1/tra-status \
    -H "Authorization: Bearer tra_live_xxx"
  ```

  ```bash x-api-key theme={null}
  curl https://import.kopagari.com/v1/tra-status \
    -H "x-api-key: tra_live_xxx"
  ```
</CodeGroup>

## Unauthorized responses

A missing, malformed, or revoked key returns **401**:

```json theme={null}
{ "error": "Invalid or missing API key" }
```