# Authentication Hakuna uses API keys to authenticate all requests, and authentication is handled via Bearer Authentication. When you make an API request, you'll need to pass either your **sandbox secret key** or your **live secret key** in the HTTP `Authorization` header. Which key you use depends on the [environment](/using-the-api/environments.md) you're using. ```bash curl https://api.hellohakuna.com/ \ -H "Authorization: Bearer " ``` If you do not enter a valid API key in your request, you will get a [`401` response (unauthorized)](/using-the-api/responses.md). ### Getting your API keys You can view and manage your API keys for both the production and sandbox environments in the [Hakuna merchant console](https://console.hellohakuna.com/). {% hint style="info" %} **Get access to the Hakuna merchant console**\ Once your merchant console account has been created, you'll get an email with a temporary password. Click the link in the email to set a new password and complete your account setup. If you have not yet received an email, please [let us know](/help/contact.md). {% endhint %} Please be aware that any changes made to existing API keys will take effect immediately and could cause unintended side effects. ### Managing your API keys Your API keys carry many privileges, so it is important to keep them private and secure. They should live primarily in your backend, and should never be exposed on your frontend. Do not hardcode or share your API keys (particularly in your source version control system). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.hellohakuna.com/using-the-api/authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.