New: unified Python, Go & Rust SDKs — available now in beta.

Authentication

API keys and the Bearer token scheme.

API keys

Forecite authenticates requests with API keys. Each key:

  • is prefixed fc_live_,
  • is tied to your account's current plan and its limits,
  • is shown once at creation and stored only as a hash thereafter.

Manage keys from the API keys page. The number of keys you can hold at once depends on your plan — see Rate limits & quotas.

Sending the token

Pass the key as a Bearer token on every request:

curl https://api.forecite.dev/v1/me \
  -H "Authorization: Bearer fc_live_your_key_here"

Keep keys server-side

Treat fc_live_ keys like passwords. Never embed them in a browser bundle, mobile app, or public repo — proxy requests through your own backend instead.

Checking a key

GET /v1/me returns the key's tier, current usage, and limits — handy for confirming a key works and seeing how much quota is left:

curl https://api.forecite.dev/v1/me \
  -H "Authorization: Bearer fc_live_your_key_here"

Errors

StatusMeaning
401Missing or invalid API key.
403The endpoint isn't available on your plan.
429Rate limit or daily quota exceeded.

Rotate a key by creating a new one and revoking the old one from the dashboard.

On this page