> ## Documentation Index
> Fetch the complete documentation index at: https://docs.miso.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

## API Keys

Miso uses API keys to authenticate requests. You can view and manage your API keys in the [Dojo Dashboard](https://dojo.askmiso.com/docs/api-browser).

Each environment has its own set of keys: one secret key and one publishable key. Pass the appropriate key with every API request.

***

## Environments

There are three environments in Miso:

* **Playground** — A read-only tutorial environment pre-loaded with sample data. Use this to explore Miso's APIs without affecting your own data.
* **Development** — For staging, QA, and experimentation. Use this environment to test your integration before going live.
* **Production** — Your live environment. Use this for all requests that serve real users.

***

## Secret API Key

The secret API key grants full access to all Miso API endpoints, including data ingestion and engine queries.

**Keep this key private.** Never expose it in client-side code or public repositories. If the key is compromised, revoke it in the [Dojo Dashboard](https://dojo.askmiso.com/docs/api-browser) and generate a new one.

You can pass the secret key in either of two ways:

**As a request header:**

```http theme={null}
X-API-KEY: YOUR_SECRET_KEY
```

**As a query parameter:**

```http theme={null}
GET /v1/recommendation/user_to_products?api_key=YOUR_SECRET_KEY
```

***

## Publishable API Key

The publishable API key is intended for use in front-end code (e.g., browser JavaScript). It can be used to stream interactions from the browser or to retrieve read-only search and recommendation results for a given user.

Pass the publishable key as a query parameter:

```http theme={null}
POST /v1/interactions?api_key=YOUR_PUBLISHABLE_KEY
```

**Important:** When using the publishable API key, the `user_id` field in your requests must be hashed to maintain security compliance.
