Authentication
API keys and the Bearer token scheme.
API keys
Forecite authenticates requests with API keys. Each key:
- is prefixed
fc_live_, - is tied to your account's current plan and its limits,
- is shown once at creation and stored only as a hash thereafter.
Manage keys from the API keys page. The number of keys you can hold at once depends on your plan — see Rate limits & quotas.
Sending the token
Pass the key as a Bearer token on every request:
curl https://api.forecite.dev/v1/me \
-H "Authorization: Bearer fc_live_your_key_here"Keep keys server-side
Treat fc_live_ keys like passwords. Never embed them in a browser bundle,
mobile app, or public repo — proxy requests through your own backend instead.
Checking a key
GET /v1/me returns the key's tier, current usage, and limits — handy for
confirming a key works and seeing how much quota is left:
curl https://api.forecite.dev/v1/me \
-H "Authorization: Bearer fc_live_your_key_here"Errors
| Status | Meaning |
|---|---|
401 | Missing or invalid API key. |
403 | The endpoint isn't available on your plan. |
429 | Rate limit or daily quota exceeded. |
Rotate a key by creating a new one and revoking the old one from the dashboard.