# How to use StatusEntry API key pairs to authenticate your request

When you generate your API key pair, you will see your [**Access Key**](https://status.statusentry.com/) and **Secret Key**. Using these keys, you need to generate an **Authorization** header so that we can understand who is making this request and perform authorization controls for that user for the relevant operation.

The generated "**Authorization**" header should be generated using the below format:

"StatusEntry *`${Access_Key}`*:*`${Signed_Key}`*"

You know your access "Access\_Key *"* after you generate the key pair. 

Here is how you should generate your "Signed\_Key" using your access and secret keys:

You need to generate a signed JWT token using your *secret key* to produce "Signed\_Key" by setting the below fields:

```
{
  "iss": "${access_key}",
  "exp": 1641170086,
  "aud": "www.statusentry.com"
}
```

An example java code using this [jwt library](https://github.com/jwtk/jjwt) is as follows:

```
String accessKey = "AK123";
String secretKey = "SK456";
String relativeRequestUrl = "/v1/incidents";
String signedKey = Jwts.builder()
                .setIssuer(accessKey)
                .setIssuedAt(Date.from(Instant.now()))
                .setExpiration(Date.from(Instant.now().plus(1, ChronoUnit.DAYS)))
                .setAudience("www.statusentry.com")
                .signWith(SignatureAlgorithm.HS256, secretKey.getBytes(StandardCharsets.UTF_8))
                .compact();
```

An example generated Authorization header is as follows:

> StatusEntry AK5147f230-f237-461e-86b2-23b834c3a697:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJBSzUxNDdmMjMwLWYyMzctNDYxZS04NmIyLTIzYjgzNGMzYTY5NyIsImlhdCI6MTYwOTYzMDk5NCwiZXhwIjoxNjQxMTcwMDg2LCJhdWQiOiJ3d3cuc3RhdHVzZW50cnkuY29tIiwic3ViIjoiL3YxL2luY2lkZW50cy81OTk2Nzc2ZC0yMWQxLTRkNzItOTJiZS03NTE3YTM1NWNhOTYifQ.MYK8VWWmV\_pWikL1IB6V6W7KHkpEEYnQ5MikTcskwPg

You can find popular JWT libraries to use for your development language [here](https://jwt.io/).