# Authentication & API key Information

currencyapi uses API keys to allow access to the API. You can register a new API key at our developer portal.

Multiple API keys

While our free plan only allows one API key at a time, our paid plans offer multiple API keys.
By using separate keys for different use cases you can track individual usage and make key rotations affect only certain parts of your application.

# Authentication methods

To authorize, you can use the following ways:

# GET query parameter

You can pass your API key along with every request by adding it as a query parameter apikey


This method could expose your API key in access logs and such. Sending the API key via a header parameter as specified below circumvents this problem.

# HTTP Header

You can set a request header with the name apikey

# Rate limit and quotas

You can use a certain amount of requests per month. This is defined by your plan. Once you go over this quota you will be presented with a 429 HTTP status code and you either need to upgrade your plan or wait until the end of the month.

We enforce a minute rate limit for each plan. If you exceed this you will also be presented with a 429 HTTP status code. You then have to wait until the end of the minute to do more requests.

Not every request counts

Only successful calls count against your quota. Any error on our side or any validation error (e.g. wrong parameter) will NOT count against your quota or rate limit.

# Response Headers

We attach certain headers to tell you your current monthly/minute quota and how much you have remaining in the period.

X-RateLimit-Limit-Quota-Minute: 10
X-RateLimit-Limit-Quota-Month: 300

X-RateLimit-Remaining-Quota-Minute: 5
X-RateLimit-Remaining-Quota-Month: 199