Authentication
Learn how to authenticate your requests and manage API keys securely.
Getting an API Key
To use the NewsAPI, you need an API key. Here is how to get one:
- Create a free account on NewsAPI.
- Navigate to your Dashboard.
- Go to the API Keys section and click “Create New Key”.
- Give your key a descriptive name (e.g., “Production App” or “Development”).
- Copy the generated key and store it securely.
Important: Your API key is shown only once when created. Store it in a secure location such as an environment variable. Never expose your API key in client-side code or public repositories.
Using Your API Key
Include your API key in every request using the X-API-Key header.
curl -X GET "https://api.newsapi.dev/v1/latest-news" \
-H "X-API-Key: nsa_live_k8xj2m9p4qr5s7t1u3v6w0y"JavaScript Example
const response = await fetch("https://api.newsapi.dev/v1/latest-news", {
headers: {
"X-API-Key": process.env.NEWSAPI_KEY
}
});
const data = await response.json();Python Example
import os
import requests
response = requests.get(
"https://api.newsapi.dev/v1/latest-news",
headers={"X-API-Key": os.environ["NEWSAPI_KEY"]}
)
data = response.json()Rate Limiting
API rate limits depend on your subscription plan. When you exceed your rate limit, the API returns a 429 Too Many Requests status code.
| Plan | Rate Limit | Reset Period |
|---|---|---|
| Free | 1,000 requests | Daily (midnight UTC) |
| Builder | 75,000 requests | Monthly |
| Professional | 300,000 requests | Monthly |
| Enterprise | 600,000 requests | Monthly |
Rate Limit Headers
Every API response includes headers to help you track your usage:
X-RateLimit-Limit: 75000
X-RateLimit-Remaining: 74523
X-RateLimit-Reset: 2025-02-01T00:00:00ZSecurity Best Practices
Use environment variables
Store your API key in environment variables, never hardcode it in your source code.
Server-side requests only
Always make API requests from your backend server, never from client-side JavaScript.
Use separate keys per environment
Create separate API keys for development, staging, and production environments.
Rotate keys regularly
Rotate your API keys periodically and revoke any keys that may have been compromised.