graphprotocol · idalithb · Jul 19, 2025 · Jul 15, 2025 · Jul 18, 2025 · Jul 18, 2025
@@ -26,6 +26,30 @@ A new window will pop up:
 
 ![Create API Key Window](/img/create-api-key.png)
 
+## Using Your API Key
+
+> [!IMPORTANT] Always keep your API key in environment variables or a secure secrets manager. Do not hardcode it in your codebase or expose it in client-side apps.
+
+When you query The Graph from your dapp, you can use your API key in two ways:
+
+1. In the URL (optimal method for Subgraph queries):
+
+   Include the API Key directly to your query endpoint:
+
+   ```
+   https://gateway.thegraph.com/api/<YOUR_API_KEY>/subgraphs/id/<SUBGRAPH_ID>
+   ```
+
+2. As a bearer Token:
+
+   Include your API Key in the `Authorization` request header for added security:
+
+   ```
+   Authorization: Bearer <YOUR_API_KEY>
+   ```
+
+Check out [Querying from an App](/subgraphs/querying/from-an-application) for more details.
+
 ## Manage API Keys
 
 The “API keys” table lists existing API keys and allows you to manage or delete them. For each key, you can see its status, the cost for the current period, the spending limit for the current period, and the total number of queries.