> ## Documentation Index > Fetch the complete documentation index at: https://docs.galxe.com/llms.txt > Use this file to discover all available pages before exploring further. # Authentication > All Galxe API requests require a valid access token for authentication ## Get Your Access Token 1. **Login to Galxe** - Visit [dashboard.galxe.com](https://dashboard.galxe.com/) 2. **Open Settings** - Click your Account → Settings 3. **API Access** - Navigate to "Server API" section 4. **Generate Token** - Click "Generate New API Tokens" 5. **Copy Token** - Save the token securely (you can't view it again) ## Using the Token Include your token in the `access-token` header: ```bash theme={null} curl -X POST https://graphigo-business.prd.galaxy.eco/query \ -H "Content-Type: application/json" \ -H "access-token: YOUR_ACCESS_TOKEN" \ -d '{"query": "query { __typename }"}' ``` ## Security Best Practices ### Environment Variables ```bash theme={null} # .env file GALXE_ACCESS_TOKEN=your_token_here ``` ```javascript theme={null} // JavaScript const accessToken = process.env.GALXE_ACCESS_TOKEN; ``` ```python theme={null} # Python import os access_token = os.getenv('GALXE_ACCESS_TOKEN') ``` ### Production Deployment * Use secret management systems (AWS Secrets Manager, HashiCorp Vault) * Never commit tokens to version control * Rotate tokens regularly * Use environment-specific tokens ## Common Issues ### Invalid Token ```json theme={null} { "errors": [{ "message": "Invalid access token: invalid token", "extensions": { "code": "INVALID_TOKEN", "category": "AUTHENTICATION", "http_status": 401, "request_id": "req_123456789", "timestamp": "2024-01-01T00:00:00Z" } }] } ``` **Solution**: Regenerate token in dashboard settings ### Missing Header ```json theme={null} { "errors": [{ "message": "Access token is required", "extensions": { "code": "TOKEN_REQUIRED", "category": "AUTHENTICATION", "http_status": 401, "request_id": "req_123456789", "timestamp": "2024-01-01T00:00:00Z" } }] } ``` **Solution**: Add `access-token` header to request ### Rate Limiting ```json theme={null} { "errors": [{ "message": "API quota exceeded: daily limit reached", "extensions": { "code": "QUOTA_EXCEEDED", "category": "RATE_LIMIT", "http_status": 429, "request_id": "req_123456789", "timestamp": "2024-01-01T00:00:00Z", "details": ["quota_type: daily", "limit: 1000"] } }] } ``` **Solution**: Implement exponential backoff retry logic ## Error Response Format All GraphQL errors follow a standardized format with additional metadata: ```json theme={null} { "errors": [{ "message": "Human-readable error message", "extensions": { "code": "ERROR_CODE", // Machine-readable error code "category": "ERROR_CATEGORY", // Error classification "http_status": 400, // Corresponding HTTP status "request_id": "req_xxx", // Request tracking ID "timestamp": "2024-01-01T00:00:00Z", "details": ["additional", "context"], // Optional details array "context": { // Optional context object "field": "value" } } }] } ``` ### Error Codes and Categories | Code | Category | HTTP Status | Description | | ------------------- | ---------------- | ----------- | ------------------------ | | `TOKEN_REQUIRED` | `AUTHENTICATION` | 401 | Access token missing | | `INVALID_TOKEN` | `AUTHENTICATION` | 401 | Access token invalid | | `QUOTA_EXCEEDED` | `RATE_LIMIT` | 429 | API quota exceeded | | `PERMISSION_DENIED` | `AUTHORIZATION` | 403 | Insufficient permissions | | `NOT_FOUND` | `NOT_FOUND` | 404 | Resource not found | | `INVALID_ARGUMENT` | `VALIDATION` | 400 | Invalid input parameters | ## Next Steps * **[Quick Start](/galxe-integration/getting-started/quick-start)** - Test your token * **[Common Patterns](/galxe-integration/getting-started/common-patterns)** - Integration patterns * **[Rate Limits](/galxe-integration/resources/rate-limits)** - API limits and optimization