# Authentication

All AccuWeather API requests require authentication via an **API key** passed as a query parameter.

## Obtaining an API key

To receive your API key, contact our sales department at **sales@accuweather.com**. Your AccuWeather representative will provide a key tied to your subscription and usage tier.

:::warning
Keep your API key secret. Do not commit it to version control or expose it in client-side code.
:::

## Passing your API key

Include the `apikey` query parameter on every request:

<CodeTabs syncKey="language">
```bash
curl "https://api.accuweather.com/currentconditions/v1/347625?apikey={YOUR_API_KEY}"
```

```typescript
const API_KEY: string = process.env.ACCUWEATHER_API_KEY!;

const response = await fetch(
  `https://api.accuweather.com/currentconditions/v1/347625?apikey=${API_KEY}`,
);
const data: unknown = await response.json();
```

```javascript
const API_KEY = process.env.ACCUWEATHER_API_KEY;

const response = await fetch(
  `https://api.accuweather.com/currentconditions/v1/347625?apikey=${API_KEY}`,
);
const data = await response.json();
```

```python
import os
import requests

API_KEY = os.environ["ACCUWEATHER_API_KEY"]

response = requests.get(
    "https://api.accuweather.com/currentconditions/v1/347625",
    params={"apikey": API_KEY},
)
data = response.json()
```

```csharp
using var client = new HttpClient();

var apiKey = Environment.GetEnvironmentVariable("ACCUWEATHER_API_KEY");
var response = await client.GetAsync(
    $"https://api.accuweather.com/currentconditions/v1/347625?apikey={apiKey}");
var data = await response.Content.ReadAsStringAsync();
```

```java
String apiKey = System.getenv("ACCUWEATHER_API_KEY");

HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
    .uri(URI.create(
        "https://api.accuweather.com/currentconditions/v1/347625?apikey=" + apiKey))
    .build();

HttpResponse<String> response =
    client.send(request, HttpResponse.BodyHandlers.ofString());
```
</CodeTabs>

## Error responses

| Status Code | Meaning |
| --- | --- |
| `401 Unauthorized` | Missing or invalid API key. |
| `403 Forbidden` | Your key does not have access to the requested endpoint or resource. |


## Best practices

- **Store your key in environment variables** — never hard-code it in source files.
- **Use server-side proxying** — if your application runs in a browser, proxy API calls through your backend to avoid exposing the key to end users.
- **Monitor your usage** — track your call volume to stay within your subscription limits. Check [status.accuweather.com](https://status.accuweather.com) for service availability.