Authentication
Overview
Authentication ensures that only authorised systems can access Future Anthem APIs and send data to the platform.
All API access requires valid credentials and secure communication. Future Anthem APIs use API key authentication, and every request must include a valid API key using the x-api-key request header.
Using an API Key
Every API request must include the API key header.
Example
-H "x-api-key: YOUR_API_KEY"plaintext
If the API key is missing, invalid, or does not grant access to the requested resource, the request will fail with an authentication error.
Environment Separation
Development and production environments use separate API keys.
-
API keys cannot be shared across environments
-
Each environment has its own credentials and access scope
This ensures test activity does not impact production systems.
Securing API keys
-
Do not store keys in front-end code
-
Do not commit keys to version control
-
Prefer environment variables or secret managers
-
Rotate keys if leaked
-
Use separate keys per service/system
