# API

## API URL

To locate your team API URL, go to Settings > API Keys.

## Authentication

Scanner uses API keys for authentication. To create an API key or to locate existing API keys, go to Settings > API Keys. API keys are secret, so be sure not to share them publicly.

Scanner will look for the API key in `Authorization` header after a `Bearer` prefix.

```
Authorization: Bearer <Scanner API Key>
```

For example, if here is how you would use curl to get a list of all of your detection rules using your team's API URL:

```bash
curl -G $API_BASE/v1/detection_rule \
--data-urlencode "tenant_id=00000000-0000-0000-0000-000000000001" \
-H "Authorization: Bearer $SCANNER_API_KEY" \
-H "Content-Type: application/json"
```