--- title: Authentication description: How to authenticate with Composio APIs using project and organization API keys keywords: [API authentication, API key, x-api-key, x-org-api-key, Composio authentication, authorization] --- Every Composio API request authenticates with an API key. Send the key in a request header and Composio resolves it to your project or organization. ## Project API key A project API key authenticates to one project with full access. Send it in the `x-api-key` header. Get it from the dashboard: sign in to [composio.dev](https://composio.dev), open **Settings → Project Settings**, and copy the key from the **API Keys** section. ## Organization API key An organization API key authenticates across every project in your organization. Send it in the `x-org-api-key` header. Get it from the dashboard: open **Organization Settings → General Settings** and copy a token under **Organization Access Tokens**. ## Using the API key Include your API key in the request header: ```bash curl https://backend.composio.dev/api/v3/tools \ -H "x-api-key: $COMPOSIO_API_KEY" ``` For organization-level endpoints: ```bash curl https://backend.composio.dev/api/v3/org/projects \ -H "x-org-api-key: $COMPOSIO_ORG_API_KEY" ``` Understanding API error responses API rate limits by plan