Skip to main content

Authentication

Fololo Iris uses API keys for public API authentication.

Header format

Use the Authorization header with a Bearer token:

Authorization: Bearer <api-key>

The legacy X-API-Key header is supported for compatibility, but Authorization: Bearer is preferred.

Rotate keys

Rotate API keys on a regular schedule and revoke unused keys to reduce exposure. Contact support if you need additional key scopes or IP allowlists.