General
Authentication
AccuWeather APIs use API key-based authentication to secure access to weather data. Every request to the API must include a valid API key in the Authorization header.
Getting Your API Key
Your API key is available in your account dashboard:
- Sign up for a free AccuWeather developer account if you haven't already
- Navigate to your Subscriptions page
- Copy your API key from the dashboard
Your API key is unique to your account and should be kept secure. Do not share it publicly or commit it to version control.
Making Authenticated Requests
Include your API key in the Authorization header using the Bearer token format:
Curl Example
Code
This example retrieves current weather conditions for New York City (location key: 349727).
Response Format
Successful requests return JSON data with weather information. Unauthorized requests return a 401 status code.
Code
Authentication Best Practices
Secure API Keys
- Store API keys as environment variables
- Never hardcode keys in client-side applications
- Use server-side proxies for client applications
- If you think your API key has been compromised contact support immediately
Request Headers
- Always include
Accept-Encoding: gzip,deflatefor compression - Use HTTPS endpoints exclusively. Unsecure HTTP is not supported.
- Include proper error handling for authentication failures
Troubleshooting
| Issue | Solution |
|---|---|
| 401 Unauthorized | Verify your API key is correct and active |
| 403 Forbidden | Check your subscription limits in Subscriptions |
| Rate limit exceeded | Implement caching and respect the expires header |
What's Next?
Now that you understand authentication, explore our APIs:
- Core Weather quick-start - Get started with weather data
- MinuteCast™ quick-start - Minute-by-minute precipitation forecasts
- Best practices - Optimize your API usage
Last modified on