> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sluice.sh/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> How to authenticate with the Sluice API using API keys or session cookies.

## API key authentication

The `POST /api/ingest` endpoint authenticates using an API key passed in the `Authorization` header:

```bash theme={null}
curl -X POST https://sluice.sh/api/ingest \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{"events": [...]}'
```

API keys start with `sk_` and are created when you add a connection in the Sluice dashboard. Each API key is scoped to a single connection.

### Key management

* API keys are displayed once when a connection is created. Copy them immediately.
* Each connection has exactly one API key.
* To rotate a key, delete and recreate the connection.

### Invalid key responses

```json theme={null}
{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key.",
    "docs_url": "https://docs.sluice.sh/troubleshooting/api-key"
  }
}
```

## Session authentication

All dashboard API endpoints (jobs, queues, workers, etc.) use session cookies. These are set automatically when you log in to the Sluice dashboard.

If you make an API request without a valid session, you'll receive:

```json theme={null}
{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required.",
    "docs_url": "https://docs.sluice.sh/troubleshooting/auth"
  }
}
```

<Note>
  The V0 API is designed for dashboard consumption. A standalone API key for all endpoints (not just ingest) is planned for V1 with the External API feature.
</Note>
