> ## Documentation Index
> Fetch the complete documentation index at: https://docs.neuro-tech.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> How Neuro-Pay API key authentication works

## Overview

Neuro-Pay authenticates requests with a company API key.

Send the key in the `Authorization` header:

```http theme={null}
Authorization: Bearer <api_key>
```

## How to create keys

Create API keys in:

**Company Admin → API keys**

<img src="https://mintcdn.com/trustanchorgroupab/7wOxoJN45B7BbzUO/images/apikey-create.png?fit=max&auto=format&n=7wOxoJN45B7BbzUO&q=85&s=19d7e611ed3962d18b066c8e59753693" alt="Apikey admin screenshot" width="1599" height="489" data-path="images/apikey-create.png" />

Available key-management options include:

* **Test** or **Live** key type
* optional **expiry date**
* optional **allowed IPs**
* human-friendly **key name**

## Required headers

Most requests should include:

```http theme={null}
Authorization: Bearer <api_key>
Content-Type: application/json
Accept: application/json
```

## Error behavior

Typical responses include:

* `403 Forbidden` for missing, invalid, or expired API keys
* `400 Bad Request` for missing required parameters or invalid values

## Endpoint available without an API key

The CO2 token lookup endpoint can be requested without an API key:

```http theme={null}
GET /co2-token/cid/{cid}
```

## Example

```bash theme={null}
curl -X POST https://api.neuro-admin.com/checkout/create-customer \
  -H "Authorization: Bearer $NEURO_PAY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"first_name":"Ada","last_name":"Lovelace","email":"ada@example.com"}'
```
