> ## Documentation Index > Fetch the complete documentation index at: https://docs.triplesession.com/llms.txt > Use this file to discover all available pages before exploring further. # Authentication > Authenticate API requests using your workspace API key as a Bearer token. All API requests must include your API key in the `Authorization` header as a Bearer token. ```http theme={null} Authorization: Bearer YOUR_API_KEY ``` ## Get your API key Your API key and workspace ID are both available in **Settings → API**. In the Triple Session app, go to **Settings** and select **API** from the left sidebar. Your workspace ID (a UUID) appears at the top. You'll need it in every request URL. Your API key starts with `wk_`. Click **Copy** to copy it to your clipboard. Keep your API key secret. If it is compromised, click **Regenerate API Key** to invalidate the old one and generate a new one. ## Making a request Every request combines your workspace ID in the URL and your API key in the header: ```bash theme={null} curl -X GET "https://app.triplesession.com/api/public/ai-coach/workspaces/YOUR_WORKSPACE_ID/reports?page=1&limit=10" \ -H "Authorization: Bearer YOUR_API_KEY" ``` Replace `YOUR_WORKSPACE_ID` with the UUID from Settings and `YOUR_API_KEY` with your key. ## Errors and limits The API returns standard HTTP status codes: | Code | Meaning | | ----- | --------------------------------------------- | | `200` | Request succeeded | | `401` | Missing or invalid API key | | `403` | API key does not have access to this resource | | `404` | Resource not found | | `429` | Rate limit exceeded — slow down and retry | | `500` | Server error — retry with exponential backoff | If you receive a `401`, verify that your `Authorization` header is formatted correctly and that the API key has not been regenerated since you last copied it.