Authentication
All FinBrain API requests require authentication using your API key passed as a query parameter.
Authentication Method
Section titled “Authentication Method”Token Query Parameter
Section titled “Token Query Parameter”Include your API key in every request using the token query parameter:
https://api.finbrain.tech/v1/endpoint?token=YOUR_API_KEYExample
Section titled “Example”curl "https://api.finbrain.tech/v1/ticker/AAPL/predictions/daily?token=YOUR_API_KEY"import requests
response = requests.get( "https://api.finbrain.tech/v1/ticker/AAPL/predictions/daily", params={"token": "YOUR_API_KEY"})const API_KEY = "YOUR_API_KEY";
const response = await fetch( `https://api.finbrain.tech/v1/ticker/AAPL/predictions/daily?token=${API_KEY}`);Getting an API Key
Section titled “Getting an API Key”- Visit finbrain.tech
- Create an account or sign in
- Navigate to your account dashboard
- Copy your API key
Authentication Errors
Section titled “Authentication Errors”401 Unauthorized
Section titled “401 Unauthorized”Returned when the API key is missing or invalid.
Response:
{ "error": "Unauthorized", "message": "Invalid or missing API key"}Common causes:
- Missing
tokenparameter in the request - Typo in the API key
- Using an expired or revoked API key
403 Forbidden
Section titled “403 Forbidden”Returned when the API key is valid but lacks permission for the requested resource.
Response:
{ "error": "Forbidden", "message": "Access denied for this resource"}Common causes:
- Endpoint not included in your subscription tier
- Account suspended
- Accessing a restricted resource
429 Too Many Requests
Section titled “429 Too Many Requests”Returned when rate limits are exceeded.
Response:
{ "error": "Too Many Requests", "message": "Rate limit exceeded. Please slow down."}Rate Limits
Section titled “Rate Limits”| Tier | Requests/Day | Requests/Minute |
|---|---|---|
| Free | 100 | 10 |
| Basic | 1,000 | 60 |
| Professional | 10,000 | 300 |
| Enterprise | Unlimited | Custom |
Security Best Practices
Section titled “Security Best Practices”Environment Variables
Section titled “Environment Variables”Never hardcode your API key. Use environment variables:
import osfrom finbrain import FinBrainClient
api_key = os.environ.get("FINBRAIN_API_KEY")fb = FinBrainClient(api_key=api_key)const API_KEY = process.env.FINBRAIN_API_KEY;export FINBRAIN_API_KEY="your_api_key_here"curl "https://api.finbrain.tech/v1/ticker/AAPL/predictions/daily?token=$FINBRAIN_API_KEY".env Files
Section titled “.env Files”For local development, use a .env file:
FINBRAIN_API_KEY=your_api_key_hereAdd .env to your .gitignore:
.envProduction Secrets
Section titled “Production Secrets”In production, use your platform’s secrets management:
- AWS: Secrets Manager or Parameter Store
- Google Cloud: Secret Manager
- Azure: Key Vault
- Heroku: Config Vars
- Vercel: Environment Variables
Additional Security Tips
Section titled “Additional Security Tips”- Never commit API keys to version control
- Don’t expose keys in client-side code - use a backend proxy
- Rotate keys periodically - especially after team member changes
- Use different keys for development and production
- Monitor usage - check for unexpected API call patterns