> ## Documentation Index > Fetch the complete documentation index at: https://docs.courtrules.app/llms.txt > Use this file to discover all available pages before exploring further. # Authentication > How to authenticate with the Court Rules API All API endpoints require a Bearer token in the `Authorization` header. ## Request format ``` Authorization: Bearer ``` ## Getting an API key API keys are issued through the console dashboard at [console.courtrules.app](https://console.courtrules.app). Sign in with your organization account to view and manage your keys. Keys follow the format `crm__` (e.g. `crm_prod_...`). ## Example request ```bash theme={"theme":{"light":"github-light","dark":"github-dark"}} curl -X GET 'https://api.courtrules.app/api/v1/judges?district_id=edny' \ -H "Authorization: Bearer YOUR_API_KEY" ``` ## Error responses ### 401: Missing or malformed header Returned when the `Authorization` header is missing or doesn't use the `Bearer` scheme. ```json theme={"theme":{"light":"github-light","dark":"github-dark"}} { "error": "Missing or invalid Authorization header. Expected: Bearer " } ``` ### 403: Invalid key Returned when the key is present and well-formed but not recognized. ```json theme={"theme":{"light":"github-light","dark":"github-dark"}} { "error": "Invalid API key" } ``` ## MCP authentication The MCP server uses OAuth 2.1 instead of API keys. Sample data works immediately with no auth. Full access requires OAuth, which your MCP client handles automatically. ### How OAuth works with MCP clients When you first call a tool that requires full access, your MCP client opens a browser window to `console.courtrules.app` where you approve the connection. After that, the client manages tokens automatically. You don't handle tokens yourself. ### Claude Code ```bash theme={"theme":{"light":"github-light","dark":"github-dark"}} # Connect (sample data, no auth) claude mcp add --transport http court-rules https://mcp.courtrules.app/mcp # When you need full access, Claude Code prompts you to authenticate # in the browser on first use. No extra setup needed. ``` ### Codex CLI ```bash theme={"theme":{"light":"github-light","dark":"github-dark"}} # Connect codex mcp add court-rules --url https://mcp.courtrules.app/mcp # Authenticate (opens browser) codex mcp login court-rules ``` ### Claude Desktop / Cursor / VS Code / Windsurf These clients handle OAuth automatically. On the first tool call requiring full access, a browser window opens to approve the connection. No config changes needed beyond the initial setup in [MCP: Enforcement Data](/guides/mcp-enforcement#quick-start) or [MCP: Court Rules](/guides/mcp-court-rules#quick-start). ### Getting full access Full access requires an account on [console.courtrules.app](https://console.courtrules.app). Contact [api@courtrules.app](mailto:api@courtrules.app) if your organization needs access provisioned. ## Security notes * API keys are sensitive credentials. Do not commit them to version control or expose them in client-side code. * Use environment variables to store keys in your application: ```bash theme={"theme":{"light":"github-light","dark":"github-dark"}} export COURT_RULES_API_KEY="crm_prod_..." ``` ```bash theme={"theme":{"light":"github-light","dark":"github-dark"}} curl -X GET 'https://api.courtrules.app/api/v1/judges?district_id=edny' \ -H "Authorization: Bearer $COURT_RULES_API_KEY" ```