# Authentication

To access the API, you must authenticate requests using an API key. Support for OAuth 2.0 is coming soon.

## Getting an API key

1. Go to your [Profile page](https://account.databox.com/profile) (`Account Management > Profile`).
2. In the **Password & Security** section, find the **API key** option.
3. Click **Create** to generate a new key.


Permissions Required
Access to API key management is currently limited to **Admin** users.

### Restricting access by IP

You can optionally restrict usage of your API key to specific IP addresses:

1. Click **Manage allowed IPs**.
2. Enter one or more IP addresses, pressing **Enter** after each.
3. When finished, click **Save**.


Only requests coming from the specified IPs will be accepted.

## Key ownership and permissions

- API keys are **user-specific**.
- Each key inherits the access rights and permissions of the user who created it.


## Validating an API key

You can validate an API key using the following endpoint: