# Authentication

Authenticate your API calls by including your X-USER and X-HASH keys in the header of every request you make. You can manage your API keys from Integrations page on the [dashboard](https://issuance.akowe.app/) .

{% hint style="danger" %}
**Secure your X-HASH key**

Do not commit your X-HASH key to git, or use it in client-side code.
{% endhint %}

{% code title="Sample Headers" lineNumbers="true" %}

```json
X-USER: test@test.com
X-HASH: xxxxxxxxxxxxxxxxxxxxx
```

{% endcode %}

API requests made without authentication will fail with the status code `400`. All API requests must be made over HTTPS.