How to verify and use your Claude (Anthropic) API key — without writing a line of code

24 June 2026 7 min read API StudioClaude APILLM keys

You signed up, you created a key, it starts with sk-ant- — and now you’re staring at the docs wondering whether the thing actually works before you wire it into your app. Half the time the first call fails not because the key is bad, but because of two headers nobody mentions until you’ve already hit a 400.

I built a small free tool, API Studio, specifically for this moment: paste your key, click one button, and find out in two seconds whether it’s live — without opening a terminal, installing anything, or pasting your secret into a sketchy website. Your key is saved only in your own browser; when you run a request it’s relayed once through a stateless proxy that stores nothing and logs nothing. Here’s the whole thing, plus the gotchas.

The fastest way to check a Claude key: list your models

The cheapest, safest “is this key alive?” call is not a chat — it’s listing the models the key can see. It runs no model, so it costs zero tokens and is never billed:

curl https://api.anthropic.com/v1/models \
  -H "x-api-key: $ANTHROPIC_API_KEY" \
  -H "anthropic-version: 2023-06-01"

A 200 with a JSON list means the key works and tells you exactly which models your organisation can call. A 401 authentication_error means the key is wrong, mistyped, or revoked. In API Studio this is the Verify key button — one click, no curl.

The two headers everyone forgets

Anthropic’s API has two requirements that trip up almost everyone on the first try:

Auth is x-api-key, not Authorization: Bearer. If you reach for the OpenAI muscle memory and send a Bearer token, Claude returns a 401. The key goes in its own x-api-key header, raw, with no Bearer prefix.
anthropic-version is required on every request — including the free /v1/models check above. It’s a date string, not a semver; 2023-06-01 is still the current value. Omit it and you get a 400 before the request even reaches a model.

API Studio pre-wires both for you, so you can’t forget them.

Sending your first message

Once the key checks out, the real call is POST /v1/messages:

{
  "model": "claude-haiku-4-5",
  "max_tokens": 64,
  "messages": [
    { "role": "user", "content": "In one short sentence, say hello and confirm my API key works." }
  ]
}

Three things worth knowing here:

max_tokens is required on the Messages API, and it’s a hard cap on the output (and it’s billed). Leave it out and you get a 400; set it too low and the reply gets cut off with stop_reason: "max_tokens".
The system prompt is a top-level field, not a { "role": "system" } message inside the array. This is different from the OpenAI shape and catches people porting code across.
The response content is always an array of blocks, never a plain string. Read the text from the block where type is "text", and check stop_reason (end_turn = done, tool_use = it wants to call a tool, max_tokens = truncated).

In API Studio, the Send a message preset fills all of this in with the cheapest model and a tiny output cap, so a test costs a fraction of a cent on your own account.

Which model should I put in there?

As of mid-2026 the current Claude models on the API are:

Model	Good for	Notes
`claude-haiku-4-5`	fast, cheap, high-volume	the one to test with
`claude-sonnet-4-6`	the everyday workhorse	balanced cost/quality
`claude-opus-4-8`	the hardest reasoning	most capable, priciest

Two snags on model IDs:

Don’t append a date to the current aliases. claude-opus-4-8 works; claude-opus-4-8-20251114 will 404. (Only some older snapshots have dated IDs.)
The newest models reject temperature. On Opus 4.8 (and Fable 5) sending temperature, top_p or top_k returns a 400 — steer with the prompt instead. Sonnet and Haiku still accept them. If you don’t know which you’re on, just don’t send sampling params and you’ll never hit it.

The honest way to never guess a model ID is to list them — which is exactly why API Studio’s verify call doubles as a model-discovery call.

Counting tokens before you spend any

One more free trick: POST /v1/messages/count_tokens (same auth headers) returns the input token count for a prompt without running the model. It’s the cleanest way to size a prompt — or a whole conversation with tools and images — before you pay for a single completion. It’s a preset in API Studio too.

Why a tool instead of curl?

Two reasons. First, a browser can’t call api.anthropic.com directly — the API blocks cross-origin browser requests, which is the same reason you should never put a key in front-end code. So API Studio relays your request once through a thin server hop that keeps nothing. Second, when you’d rather trust no one, it hands you the exact cURL, Node, or Python for the request you just ran, so you can paste it into your own machine and cut us out of the loop entirely.

Verify your Claude key in API Studio →

Once the key works, the interesting part begins: wiring Claude into something that runs by itself — auth that refreshes, retries, rate-limit guards, and the pipeline that moves your data between your tools. That’s the day job. If you want a hand with it, send me a brief.