> ## Documentation Index
> Fetch the complete documentation index at: https://docs.chance.cc/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> API keys.

Chance authenticates API requests with a per-account API key sent in the `x-api-key` header.

```bash theme={null}
curl -X POST https://harness.chance.cc/api/v1/intent \
  -H "x-api-key: chance_sk_live_…" \
  -H "Content-Type: application/json" \
  -d '{ "intent": "…", "action": "…" }'
```

## Creating a key

1. Sign in to the [dashboard](https://harness.chance.cc/dashboard).
2. Click **Create API key**.
3. Copy the key — it starts with `chance_sk_` and is shown **only once**.

<Warning>
  Keys are secrets. Store them server-side (environment variables, a secrets manager) and never expose them in browser or mobile code. Only a hash of your key is ever stored on our side, so we can't recover a lost key — create a new one and revoke the old.
</Warning>

## Revoking a key

Revoke any key from the dashboard. Revocation is immediate; requests with a revoked key return `401`.

## Scoping

Each key is scoped to the account that created it and draws on that account's [credits](/concepts/credits). Use separate keys per service so you can revoke one without disrupting the others.
