# Authentication & API key Information
currencyapi uses API keys to allow access to the API. You can register a new API key at our developer portal.
Multiple API keys
While our free plan only allows one API key at a time, our paid plans offer multiple API keys.
By using separate keys for different use cases you can track individual usage and make key rotations affect only certain parts of your application.
# Authentication methods
To authorize, you can use the following ways:
# GET query parameter
You can pass your API key along with every request by adding it as a query parameter
This method could expose your API key in access logs and such. Sending the API key via a header parameter as specified below circumvents this problem.
# HTTP Header
You can set a request header with the name
# Rate limit and quotas
You can use a certain amount of requests per month. This is defined by your plan.
Once you go over this quota you will be presented with a
429 HTTP status code and you either need to upgrade your plan or wait until the end of the month.
We enforce a minute rate limit for each plan. If you exceed this you will also be presented with a
429 HTTP status code.
You then have to wait until the end of the minute to do more requests.
Not every request counts
Only successful calls count against your quota. Any error on our side or any validation error (e.g. wrong parameter) will NOT count against your quota or rate limit.
# Response Headers
We attach certain headers to tell you your current monthly/minute quota and how much you have remaining in the period.
X-RateLimit-Limit-Quota-Minute: 10 X-RateLimit-Limit-Quota-Month: 300 X-RateLimit-Remaining-Quota-Minute: 5 X-RateLimit-Remaining-Quota-Month: 199