> ## Documentation Index
> Fetch the complete documentation index at: https://docs.voicelab360.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication Overview

> All VoiceLab360 API requests require authentication via API key.

# Authentication

Every request to the VoiceLab360 API must include a valid API key in the `Authorization` header using the Bearer scheme.

```bash theme={null}
Authorization: Bearer vl360_live_YOUR_KEY_HERE
```

API keys are tied to your workspace and environment. Sandbox keys are prefixed `vl360_test_`. Production keys are prefixed `vl360_live_`.

## Security requirements

* Never expose your API key in client-side code, browser JavaScript, or public repositories
* Store keys in environment variables or a secrets manager
* Rotate keys immediately if they are compromised
* Use one key per environment — never share a production key across projects

## Error responses

A missing or invalid key returns HTTP `401` with error code `UNAUTHORIZED`. A revoked key returns HTTP `403` with error code `FORBIDDEN`.

See [Errors](/core/errors) for the full error reference.
