# Authorization

Curra is operated by the coordinator (trustless authority), which indexes various blockchains to obtain data related to Curra features. All Curra features are completely non-custodial and doesn't require access to your private keys to work, you can treat it as "read-only".

### Prerequisites <a href="#prerequisites" id="prerequisites"></a>

To perform authorized requests, you can use JS/TS SDK or form HTTP requests by providing your [API key](https://docs.curra.io/curra-documentation/features/broken-reference).

### Obtain API key <a href="#obtain-api-key" id="obtain-api-key"></a>

To get the API secret you should complete onboarding on the Curra [application](https://app.curra.io/). After that, the secret can be obtained on the [configuration page](https://app.curra.io/configuration):<br>

<figure><img src="https://2269132824-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FA5QccW6BVD5fheygh32z%2Fuploads%2FhiHpSMcNVNaqiKcsHiIL%2Fimage.png?alt=media&#x26;token=60538b83-2683-4e15-b903-4def9ee85fee" alt="" width="563"><figcaption><p>Configuration page</p></figcaption></figure>

### JS/TS SDK <a href="#jsts-sdk" id="jsts-sdk"></a>

Install SDK:

```
npm i @curra/sdk
```

Create `Curra` instance:

```js
const { Blockchain, Curra } = require("@curra/sdk");

const curra = Curra.fromApiKey({
  apiKey: "paste your API key here",
});
```

Now you can use the instance to perform requests, and create an address for example:

```js
const address = await curra.getNextAddress();
```

### HTTP <a href="#http" id="http"></a>

API URL is [https://api.curra.io](https://api.curra.io/)

Set `X-API-KEY` header to your API key to authorize your HTTP request

HTTP request example to create an address on Ethereum blockchain:

```
GET /me
HOST: api.curra.io
```