> ## Documentation Index
> Fetch the complete documentation index at: https://docs.abliteration.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# How to authenticate with abliteration.ai

> How to authenticate abliteration.ai API requests with bearer tokens, scope keys to projects, and rotate keys safely.

abliteration.ai uses bearer tokens. Generate keys in the [console](https://abliteration.ai/console).

## Header

The canonical header is bearer auth:

```http theme={"system"}
Authorization: Bearer $ABLIT_KEY
```

The Anthropic Messages surface (`/v1/messages`, `/v1/messages/count_tokens`) also accepts the Anthropic-style header, so the official Anthropic SDK works with `api_key=...` unchanged:

```http theme={"system"}
x-api-key: $ABLIT_KEY
```

Use whichever your client sends by default. Both accept the same `ak_...` keys.

## Scoped keys

Keys can be scoped to a project. A scoped key inherits that project's policy rules and policy log destination. See [Policy Gateway → Projects](/policy-gateway/onboarding).

## Rotating keys

When you need to replace a key — suspected leak, compliance cadence, or just housekeeping — do it in three steps:

1. Create a new key in the console.
2. Update your clients to use the new key.
3. Revoke the old key.

Revoked keys stop working immediately.

<Note>
  Never commit keys. Load them from environment variables or a secret manager.
</Note>
