# Getting Started

LocalRamp authenticates your API requests using your account’s API *secret key* and *public key*

Your **Secret Key** should be kept **confidential** and only stored on your own servers. Your account’s secret API key performs sensitive API requests and as such should NEVER be exposed.

Your **Public Key** on the other hand can be published. This key can be used for collections (Pay-ins) and other misc API calls. This key **cannot** be used for payouts and swaps.

## Obtaining your API keys

To get your API keys, go to the [API settings](https://merchant.localramp.co/dashboard/settings/api) section of your dashboard and copy the keys.

## Authentication

Authenticate your API calls by adding a `x-auth-token` header with your secret key or public key for every request you make.

```
x-auth-token: <SECRET_KEY|PUBLIC_KEY>
```