***

title: Authentication
description: How to authenticate with the XTrace Memory API.
------------------------------------------------------------

# Authentication

The XTrace API supports two authentication methods. Both use the `Authorization: Bearer` header.

## XMem API key (recommended for integrations)

Generate a key from the dashboard at **Settings → API Keys**, or programmatically:

```bash
curl -X POST https://api.xtrace.ai/v1/auth/generate-xmem-key \
  -H "Authorization: Bearer YOUR_AUTH0_JWT"
```

Then use it for all subsequent calls:

```bash
curl https://api.xtrace.ai/v1/facts \
  -H "Authorization: Bearer xmem_sk_..."
```

API keys are scoped to your user within your organization. They do not expire automatically but can be revoked from the dashboard.