> ## Documentation Index
> Fetch the complete documentation index at: https://monitoryt.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Authenticate requests with a personal Monitor YT API key.

Send your personal API key through the standard Bearer authorization header:

```http theme={null}
Authorization: Bearer myt_your_api_key
```

API keys begin with `myt_`. Each account has one active key. Generating a new key immediately revokes the previous key.

Set the key in an environment variable instead of embedding it in source code:

```bash theme={null}
export MONITOR_YT_API_KEY="myt_your_api_key"
```

## Plan requirement

You may generate and rotate a key on any plan. Authenticated public API endpoints require Pro.

* Missing or invalid keys return `401 unauthorized`.
* Valid keys belonging to Free accounts return `403 upgrade_required`.
* The health-check endpoint does not require authentication.

Treat the key like a password because it grants read access to your tracked feed and video history.

## Rotate a key

Open [Settings](https://monitoryt.com/app/settings) and select **Regenerate key**.
The old key stops working immediately, so update every integration that uses it.

If a key is exposed, rotate it first and investigate where it was logged or
committed before generating another replacement.
