API Keys

API Keys are simple secret tokens used by many services to identify and authorize a client. In Brevvie Python + AI — Section 4: APIs, Postman & Calling the Web, they are the main auth mechanism before the more unusual Marvel API hash flow.

Core points from the source

• an API key proves which account or app is making the request
• keys may be sent as query parameters or headers depending on the API
• missing, wrong, or unactivated keys often lead to 401 responses
• keys should live in Environment Variables or .env, not source code

Why it matters

API keys are the first real credential most beginners handle, so learning safe storage early prevents expensive mistakes later.