Authentication

All API calls to AuthzX require authentication via an API key.

Getting an API key

Sign in to the AuthzX Console
Go to Settings > API Keys
Click Create API Key
Copy the key — it won't be shown again

Using the API key

Pass the API key in the Authorization header:

Authorization: Bearer YOUR_API_KEY

Or with the ApiKey prefix:

Authorization: ApiKey YOUR_API_KEY

Both formats are supported.

Example

curl -X POST https://api.authzx.com/policy-srv/v1/evaluate \
  -H "Authorization: Bearer ak_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{ ... }'

Tenant isolation

Your API key is bound to your tenant. The tenant_id is automatically resolved from the API key — you don't need to pass it in the request body.

All resources, subjects, policies, and evaluation results are isolated to your tenant.

Key management

API keys can be revoked from the Console at any time.
Keys have an optional expiration date.
Create separate keys for different environments (development, staging, production).

Base URL

https://api.authzx.com

All endpoints are prefixed with their service path (e.g., /policy-srv/v1/evaluate).

Getting an API key​

Using the API key​

Example​

Tenant isolation​

Key management​

Base URL​