> ## Documentation Index
> Fetch the complete documentation index at: https://docs.55-tech.com/llms.txt
> Use this file to discover all available pages before exploring further.

# MM Authentication - API Key Setup

> Learn how to authenticate MM API requests using the X-API-Key header (UUID). Client API and WebSocket authentication.

All MM client endpoints require authentication via the `X-API-Key` header (UUID format).

## Client API authentication

Pass your API key (UUID format) in the `X-API-Key` header:

```bash theme={null}
curl -H "X-API-Key: YOUR_API_KEY" \
  https://mmapi.55-tech.com/api/v1/trading/status
```

Your API key is bound to a specific `client` entity. All data returned is filtered to your client — you only see your own orders, bets, and positions.

## WebSocket authentication

For WebSocket connections, send your API key in the subscribe message:

```json theme={null}
{
  "type": "subscribe",
  "apiKey": "YOUR_API_KEY",
  "channels": ["orders", "bets", "accounts", "scores"]
}
```

You must send the subscribe message within **30 seconds** of connecting, or the connection is closed. See [WebSocket](/mm-api/websocket) for details.

## Rate limiting

Rate limits are enforced per client:

* **REST API:** 2,000 requests per minute
* **WebSocket:** Maximum 5 concurrent connections per API key
* **Exceeded:** Returns `429 Too Many Requests`

## Error responses

| Status | Meaning                                         |
| ------ | ----------------------------------------------- |
| `401`  | Invalid or missing API key (must be valid UUID) |
| `429`  | Rate limit exceeded                             |

```json theme={null}
{"detail": "Invalid or missing API key"}
```
