API key
An application programming interface (API) key is a secret unique identifier used to authenticate and authorize a user, developer, or calling program to an API. Cloud computing providers such as Google Cloud Platform and Amazon Web Services recommend that API keys only be used to authenticate projects, rather than human users. == Usage == === HTTP APIs === API keys for HTTP-based APIs can be sent in multiple ways: The access token is often a JSON Web Token (JWT) in the HTTP Authorization header: In the query string: As a request header: As a cookie: == Security == API keys are generally not considered secure; they are typically accessible to clients, making it easy for someone to steal an API key.