# Authentication Your API requests are authenticated using your Bugpilot **API Key**. You can get the API Key for your workspace from the Settings page in your [Bugpilot dashboard](https://dash.bugpilot.io/settings/api). Only a Workspace Owner has access to the API Key. If you're not the owner, you'll need to contact them and ask them to send the Workspace Id and the API Key. The API Key should start with `ws-` , and it's specific to the Workspace it was generated for. {% hint style="warning" %} **API Keys are private** and designed to be used server-side; do not expose your Bugpilot API Key to your users. {% endhint %} ### Authenticating HTTP Requests Every request you sent to the HTTP API must have the following HTTP headers. Requests that are missing one of these headers, or contain invalid values, will fail with `401 Unauthorized`. Authentication errors are opaque and will not describe the reason of the failure. | Header name | Header value | Required | | -------------------- | ---------------------------------------------------------------------------------------------------- | -------- | | `User-Agent` | `Bugpilot API Client/1.0` | Yes | | `X-Bugpilot-Api-Key` | The API Key you obtained from your [Bugpilot dashboard page.](https://dash.bugpilot.io/settings/api) | Yes | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://bugpilot.gitbook.io/api-docs/http-api/authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.