# Headers & Authentication

If you are creating a basket **on your backend server**, you will need to provide us the IP address of the customer through the [Create a Basket endpoint.](https://docs.tebex.io/developers/headless-api/creating-a-basket)\
\
If you are creating a basket from the user's browser, we will automatically determine the IP from the requesting device.

{% hint style="danger" %}
**Currently we are unable to support IPv6 addresses** being provided in the ip\_address property. While we work on enabling IPv6 support, please provide an IPv4 address for the customer.
{% endhint %}

## Authorization

If you’re being asked for authentication; you'll need to use HTTP BASIC with the following details:

| Username **(Public Token)** | Your Public Token (you can get this from <https://creator.tebex.io/developers/api-keys>) |
| --------------------------- | ---------------------------------------------------------------------------------------- |
| Password **(Private Key)**  | Your Private Key (you can get this from <https://creator.tebex.io/developers/api-keys>)  |

{% hint style="warning" %}
Your store's Private Key should **never** be shared publicly. If your key is ever compromised, it can be reset on the API Keys page linked in the table above.
{% endhint %}

## Content Type

All requests use `application/json` as the `Content-Type`. Ensure this is set with all requests to our Headless API.

## Example of an authenticated [create basket](https://docs.tebex.io/developers/headless-api/creating-a-basket) request

```javascript
const url = "https://headless.tebex.io/api/accounts/{token}/baskets";

const headers = new Headers();
headers.append('Authorization', 'Basic ' + btoa(username + ':' + password));
headers.append('Content-Type', 'application/json');

const body = {
 "complete_url": "https://example.tebex.io/thank-you",
 "cancel_url": "https://tebex.io/",
 "custom": {
  "foo": "bar"
 },
 "complete_auto_redirect": true,
 "username": "TebexDev"
};

const options = {
 method: 'POST',
 headers: headers,
 body: JSON.stringify(body)
};

const response = await fetch(url, options);
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tebex.io/developers/headless-api/headers-and-authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.