# Authentication

> Learn how to authenticate your requests to the WinWinKit API.

export const components = {
  pre: CodeSnippet,
};

Every request to the WinWinKit API must include an `x-api-key` header with your [API Key](/developers/get-started/api-keys/).

```bash
curl -X GET "https://api.winwinkit.com/users/your-app-user-id" \
  -H "x-api-key: your-api-key"
```

The same header shape applies to every endpoint:

```json
{
  "headers": {
    "x-api-key": "<your-api-key>"
  }
}
```

If the key is missing, invalid, or revoked, the API returns `401 UNAUTHORIZED` — see [Errors](/developers/api/errors/) for the full error contract.