API Keys
All requests to the MarketDataset API require an API key passed via theX-API-KEY header.
Getting an API key
- Sign in at marketdataset.ai/dashboard
- In the Overview section, click Create API Key
- Give your key a descriptive name (e.g., “production”, “backtesting”)
- Copy the key immediately — it’s only shown once
Key format
API keys use the prefixsk_ followed by a 32-character random string:
Security best practices
Never expose keys in client-side code
Never expose keys in client-side code
API keys should only be used in server-side code or secure environments. Never embed them in frontend JavaScript, mobile apps, or public repositories.
Use environment variables
Use environment variables
Store keys in environment variables, not hardcoded in source code.
Rotate keys periodically
Rotate keys periodically
Create a new key and delete the old one from the Dashboard. Old keys are invalidated immediately upon deletion.
Use separate keys per environment
Use separate keys per environment
Create distinct keys for development, staging, and production to limit blast radius if a key is compromised.
Error responses
| Status | Error | Cause |
|---|---|---|
401 | Missing API key | X-API-KEY header not provided |
401 | Invalid API key | Key not found or deleted |
402 | Insufficient credits | Account balance is $0.00 |
429 | Rate limit exceeded | Too many requests per minute |