> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cloudblast.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> How to authenticate with the CloudBlast API

# Authentication

All API requests require a **Bearer token** in the `Authorization` header.

```bash theme={null}
Authorization: Bearer YOUR_API_TOKEN
```

## Getting Your API Token

1. Log in to the [CloudBlast Panel](https://console.cloudblast.io)
2. Go to **Account Settings** > **API**
3. Copy your API token

## IP Whitelisting

If you've configured an IP whitelist in your account settings (`apiAddress` field), only requests from that IP address will be accepted. Requests from other IPs will receive a `403` error:

```json theme={null}
{
  "error": {
    "code": "IP_NOT_ALLOWED",
    "message": "Your IP address is not whitelisted for API access."
  }
}
```

To allow requests from any IP, leave the IP whitelist field empty.

## Example Request

<CodeGroup>
  ```bash cURL theme={null}
  curl -H "Authorization: Bearer cb_live_abc123..." \
    https://console.cloudblast.io/api/v2/account
  ```

  ```python Python theme={null}
  import requests

  headers = {"Authorization": "Bearer cb_live_abc123..."}
  response = requests.get(
      "https://console.cloudblast.io/api/v2/account",
      headers=headers
  )
  print(response.json())
  ```

  ```javascript Node.js theme={null}
  const response = await fetch("https://console.cloudblast.io/api/v2/account", {
    headers: {
      Authorization: "Bearer cb_live_abc123...",
    },
  });
  const data = await response.json();
  console.log(data);
  ```

  ```php PHP theme={null}
  $ch = curl_init("https://console.cloudblast.io/api/v2/account");
  curl_setopt($ch, CURLOPT_HTTPHEADER, [
      "Authorization: Bearer cb_live_abc123..."
  ]);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  $response = json_decode(curl_exec($ch));
  ```

  ```go Go theme={null}
  req, _ := http.NewRequest("GET", "https://console.cloudblast.io/api/v2/account", nil)
  req.Header.Set("Authorization", "Bearer cb_live_abc123...")
  resp, _ := http.DefaultClient.Do(req)
  ```
</CodeGroup>

## Error Responses

| Status | Code              | Description                               |
| ------ | ----------------- | ----------------------------------------- |
| `401`  | `UNAUTHENTICATED` | Missing or invalid `Authorization` header |
| `401`  | `INVALID_TOKEN`   | The API token doesn't match any account   |
| `403`  | `ACCOUNT_BANNED`  | Your account has been suspended           |
| `403`  | `IP_NOT_ALLOWED`  | Request IP is not in your whitelist       |
