# Authentication

To use the 1099Policy API you need to authenticate requests using API keys.  Sign up for a developer account to view and manage your API keys from the 1099Policy  Dashboard. [https://dashboard.1099policy.com/signup](https://dashboard.1099policy.com/signup)

Your API tokens should be guarded closely. As a reminder, do not share your secret API  keys in publicly accessible areas such as GitHub or client-side code, for example.  Instead use environment variables, web server settings, startup script, or a configuration  file that is excluded from your version control.

Test mode secret keys have the prefix `t9k_test_` and live mode secret keys  have the prefix `t9k_live_`.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests  without authentication will also fail.

## Example
```curl
  curl \
    -X GET https://api.1099policy.com/api/v1/contractors \
    -H "Authorization: Basic t9k_test_wvnsjtZ8aMlbfGbIm0Lc0"
```