> ## Documentation Index
> Fetch the complete documentation index at: https://docs.insighthread.com/llms.txt
> Use this file to discover all available pages before exploring further.

# API Authentication — Insighthread News API Bearer Tokens

> The Insighthread News API uses Bearer token authentication. Pass your API key in the Authorization header on every request to the API.

The Insighthread News API authenticates all requests using API keys passed as Bearer tokens. You'll receive your API key when you sign up for API access — there are no OAuth flows or rotating credentials to manage. Every request must include a valid key; unauthenticated requests are rejected immediately.

## Getting Your API Key

API keys are issued as part of your enterprise onboarding. To request access, contact the Insighthread sales team at [insighthread.com/newsapi](https://insighthread.com/newsapi). Once your agreement is in place, your API key will be delivered via the developer portal or directly by the Insighthread team.

<Info>
  If you need additional API keys — for example, to isolate production and staging environments — contact your account manager. Multi-key configurations are supported under enterprise plans.
</Info>

## Making Authenticated Requests

Pass your API key in the `Authorization` header using the `Bearer` scheme on every request:

```
Authorization: Bearer YOUR_API_KEY
```

Replace `YOUR_API_KEY` with the key provided during onboarding. The following examples show authenticated requests across common HTTP clients:

<CodeGroup>
  ```bash curl theme={null}
  curl https://api.insighthread.com/v1/events \
    -H "Authorization: Bearer YOUR_API_KEY"
  ```

  ```python Python theme={null}
  import httpx

  client = httpx.Client(
      base_url="https://api.insighthread.com/v1",
      headers={"Authorization": "Bearer YOUR_API_KEY"}
  )
  response = client.get("/events")
  ```

  ```javascript JavaScript theme={null}
  const client = {
      baseURL: "https://api.insighthread.com/v1",
      headers: { "Authorization": "Bearer YOUR_API_KEY" }
  };

  const response = await fetch(`${client.baseURL}/events`, {
      headers: client.headers
  });
  ```
</CodeGroup>

## Authentication Errors

If your request is rejected due to an authentication problem, the API returns one of the following HTTP status codes:

| Status Code             | Meaning                                                               |
| ----------------------- | --------------------------------------------------------------------- |
| `401 Unauthorized`      | API key is missing from the request or is not a valid key             |
| `403 Forbidden`         | API key is valid but does not have permission to access this resource |
| `429 Too Many Requests` | Your key has exceeded its rate limit; back off and retry              |

All error responses include a JSON body with an `error` field describing the problem. See [Response Schema](/api/response-schema) for the full error response format.

<Warning>
  Keep your API key secret. Never expose it in client-side JavaScript, mobile app bundles, public repositories, or any environment where it could be read by unauthorized parties. If you believe your key has been compromised, contact your account manager immediately for a rotation.
</Warning>

<Tip>
  Store your API key in an environment variable rather than hardcoding it in your source code:

  ```bash theme={null}
  export INSIGHTHREAD_API_KEY="your_key_here"
  ```

  Then reference it in your code with `os.environ["INSIGHTHREAD_API_KEY"]` (Python) or `process.env.INSIGHTHREAD_API_KEY` (Node.js).
</Tip>


## Related topics

- [Insighthread News API: Real-Time SEC Event Intelligence](/api/overview.md)
- [Insighthread News API: All Event Categories Reference](/api/event-categories.md)
- [Insighthread News API: Full Response Schema Reference](/api/response-schema.md)
- [Insighthread Pricing: Plans, Trials, and News API Options](/plans-and-pricing.md)
- [Insider Trade Tracking, Conviction Scoring & Cluster Signals](/features/insider-trades.md)
