> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pulsedive.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Authenticate with Pulsedive's TAXII server using your API key through HTTP Basic Auth or query parameters.

<Callout icon="map-pin" color="#8b5cf6" iconType="regular">
  To use this endpoint, you must have a Pulsedive [Pro](https://pulsedive.com/about/pro) or [Feed](https://pulsedive.com/about/feed) plan.
  Your export access and permissions are determined by your plan.
</Callout>

## Authentication Methods

Pulsedive's TAXII server supports two authentication methods using your API key:

* **HTTP Basic Authorization**:
  Encode your credentials using Base64 and include them in the `Authorization` header.
  Standard method required by the TAXII specification.
  Best for production deployments, standard TAXII clients, and automated integrations.
* **Query String Authentication**:
  Include your API key as a URL parameter.
  Specific to Pulsedive's implementation.
  Best for testing and debugging, manual API exploration, and simple `curl` commands.

<Tip>
  For production use, always use HTTP Basic Authorization because it is the standard method and keeps your API key out of server logs and URLs.
</Tip>

## HTTP Basic Authorization

This is the standard method required by the TAXII specification.
Most TAXII clients expect this authentication method.

Encode `taxii2:<YOUR_API_KEY>` using Base64 and include it in the Authorization header:

```http theme={null}
GET /taxii2/ HTTP/1.1
Authorization: Basic <BASE64_ENCODED_taxii2:YOUR_API_KEY>
Accept: application/taxii+json;version=2.1
```

### Using a TAXII Client or Library

If your client or library prompts for a username and password separately, use these credentials:

* **Username**: `taxii2`
* **Password**: `<YOUR_API_KEY>`

The client will automatically encode this as `taxii2:<YOUR_API_KEY>` and convert to Base64.

## Query String Authentication

This method is specific to Pulsedive's TAXII implementation and useful for testing or debugging.
Include your API key as a URL parameter in a `GET` request:

```bash theme={null}
curl "https://pulsedive.com/taxii2/ \
    ?key=<YOUR_API_KEY> \
    &accept=application/taxii+json;version=2.1 \
    &pretty=1"
```

### Endpoint

`GET` `/taxii2/`

### Query Parameters

<ParamField path="key" type="string" required>
  Your Pulsedive API key.

  Required for all requests, including the free test collection.
</ParamField>

<ParamField path="accept" type="string" required>
  Media type for the response.
  Use `application/taxii+json;version=2.1` for TAXII requests.
</ParamField>

<ParamField path="pretty" type="enum<integer>">
  Indicates whether to format returned JSON results.

  For pretty-printed output, set to 1.
  For compact output, set to 0.

  This parameter only affects JSON output format.

  Available options: `0`, `1`
  Default: `0`
</ParamField>

## Testing Your Authentication

Verify your authentication works by requesting the discovery endpoint:

```bash theme={null}
# HTTP Basic Auth
curl -H "Authorization: Basic <BASE64_ENCODED_API_KEY>" \
     -H "Accept: application/taxii+json;version=2.1" \
     https://pulsedive.com/taxii2/

# Query String (for testing)
curl "https://pulsedive.com/taxii2/ \
    ?key=<YOUR_API_KEY> \
    &accept=application/taxii+json;version=2.1 \
    &pretty=1"
```

Both methods should return the same response with available API roots and collection information.
