Authentication
The moncreneau API uses API keys to authenticate requests.
API Key Format
moncreneau API keys follow a prefixed format starting with mk_ followed by alphanumeric characters.
Example: mk_abc123def456ghi789
Authenticating Requests
Include your API key in the Authorization header with the Bearer type:
curl https://mc-prd.duckdns.org/api/v1/departments -H "X-API-Key: YOUR_API_KEY"
API Key Security
Important
- Never commit your API keys to source code
- Never share them publicly
- Use environment variables to store them
- Regenerate your keys if they are compromised
Best Practices
.env
# ✅ Good
MONCRENEAU_API_KEY=mk_abc123...
# ❌ Bad: hardcoding in code
const apiKey = "mk_abc123...";
Authentication Errors
| Code | Error | Description |
|---|---|---|
401 | MISSING_API_KEY | Authorization header missing |
401 | INVALID_API_KEY | Invalid or revoked API key |
403 | INSUFFICIENT_SCOPE | Insufficient scope for operation |