NewMCP ServerView docs
Getting Started

Authentication

Learn how to authenticate with the LH42 API using API keys, OAuth, or session tokens.

6 min readUpdated 2026-01-14

Authentication

LH42 supports multiple authentication methods to fit your use case.

API Keys

The simplest method for server-to-server communication.

Creating an API Key

  1. Go to Settings > API Keys
  2. Click "Create New Key"
  3. Give it a descriptive name
  4. Copy the key (it won't be shown again)

Using API Keys

Include the key in the Authorization header:

bash
curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.lakehouse42.com/v1/search

Or with the SDK:

python
from lakehouse42 import LakehouseClient
client = LakehouseClient(api_key="YOUR_API_KEY")

OAuth 2.0

For applications that act on behalf of users.

Supported Flows

  • Authorization Code (web apps)
  • PKCE (mobile/SPA)
  • Client Credentials (machine-to-machine)

Example Flow

python
# 1. Redirect user to authorization URL
auth_url = client.auth.get_authorization_url(
    redirect_uri="https://yourapp.com/callback",
    scope=["read", "write"]
)

# 2. Exchange code for tokens
tokens = client.auth.exchange_code(
    code="AUTHORIZATION_CODE",
    redirect_uri="https://yourapp.com/callback"
)

# 3. Use the access token
client = LakehouseClient(access_token=tokens.access_token)

Session Tokens

For web applications using cookie-based auth.

typescript
// Server-side: Create session
const session = await client.sessions.create({
  userId: user.id,
  expiresIn: '7d'
});

// Client-side: Token included in cookies

Best Practices

  1. Never expose API keys in client-side code
  2. Rotate keys regularly - at least every 90 days
  3. Use environment variables to store secrets
  4. Implement key scoping - limit permissions per key
  5. Monitor usage - set up alerts for unusual activity