Documentation
Getting Started

Authentication

Learn how to authenticate with the ALT Sports Data API using Bearer tokens or API key headers.

Authentication

Diagram showing the ALT Sports Data API authentication flow from API key to authenticated response.

Every API request requires authentication. ALT Sports Data uses API keys passed via HTTP headers -- no OAuth flows, no session tokens.

Getting your API key

For testing, use a demo key. Any key matching the pattern demo-xxxx works (for example, demo-0001). Demo keys provide access to a curated subset of public endpoints with lower rate limits.

For production, contact the ALT Sports Data team:

Authentication methods

ALT Sports Data accepts two equivalent header formats. Use whichever your HTTP client makes easiest.

Authorization: Bearer YOUR_API_KEY

X-API-Key header

X-API-Key: YOUR_API_KEY

Example requests

# Using Bearer token
curl -X GET "https://api.altsportsdata.com/api/v1/public/health" \
  -H "Authorization: Bearer YOUR_API_KEY"

# Using X-API-Key header
curl -X GET "https://api.altsportsdata.com/api/v1/public/health" \
  -H "X-API-Key: YOUR_API_KEY"
import { AltSportsData } from 'altsportsdata';

// The SDK handles authentication automatically
const client = new AltSportsData({
  apiKey: process.env.ASD_API_KEY,
});

const health = await client.health();
console.log(health.data.status); // "healthy"
from altsportsdata import AltSportsData

# The SDK handles authentication automatically
client = AltSportsData(api_key="YOUR_API_KEY")

health = client.health()
print(health.data["status"])  # "healthy"
const response = await fetch(
  "https://api.altsportsdata.com/api/v1/public/health",
  {
    headers: {
      Authorization: "Bearer YOUR_API_KEY",
    },
  }
);

const data = await response.json();
console.log(data);
req, _ := http.NewRequest("GET", "https://api.altsportsdata.com/api/v1/public/health", nil)
req.Header.Set("Authorization", "Bearer YOUR_API_KEY")

resp, _ := http.DefaultClient.Do(req)
defer resp.Body.Close()

body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))

Authentication errors

Status CodeMeaningWhat to check
401 UnauthorizedMissing or invalid API keyVerify the key is present and correctly formatted
403 ForbiddenKey lacks access to the requested resourceConfirm your plan includes the endpoint you are calling
429 Too Many RequestsRate limit exceededBack off and retry after the X-RateLimit-Reset timestamp

Demo vs. production keys

Demo Key (demo-xxxx)Production Key
AccessCurated public datasetFull account access
Rate limit100 requests/hourBased on plan
Real-time dataNoYes
WebSocket accessNoYes
SupportCommunityDedicated

Security best practices

  • Store keys in environment variables -- use ASD_API_KEY as the standard variable name
  • Never expose keys in client-side code or commit them to version control
  • Rotate keys regularly, especially if a key may have been exposed
  • Use HTTPS only -- all API traffic is served over TLS, and plaintext requests are rejected
  • Scope keys to their purpose -- use demo keys for development and testing, production keys for live traffic

Need help?

For API access, technical support, or partnership inquiries, contact connect@altsportsdata.com.

Introduction

Learn what ALT Sports Data is, who it serves, and how to navigate the platform.

Quickstart

Fetch upcoming events and odds from ALT Sports Data in under five minutes.

On this page

AuthenticationGetting your API keyAuthentication methodsBearer token (recommended)X-API-Key headerExample requestsAuthentication errorsDemo vs. production keysSecurity best practicesNeed help?