# Handle your API Keys

There are **2 ways** to use your own scanner API Keys with **Houdin API.**\
You can chose either one of them depending on your preference.\
The **WebApp** can only be used with the **Storage** method however.

## Storage

By going into your **Profile** menu, you can save API Keys for each Houdin scanner individually.\
Once an API Key is saved this way, it will be used both in **Houdin WebApp** and **Houdin API** without any further action required.

{% hint style="info" %}
API Keys are transmitted and stored in an encrypted form in Houdin's database.

We use Elliptic curve cryptography for end-to-end encryption and Argon2 hashing for encryption at rest.
{% endhint %}

<figure><img src="https://1078506402-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FX9WpicK4Twgfa3LU4QMX%2Fuploads%2FqbIU8PvfJ8tkFv5oh9So%2Fsaveapikeys.gif?alt=media&#x26;token=93c5cc70-f01f-4887-ae73-e80d8246bbcd" alt=""><figcaption><p>A quick example on the API Key storage process</p></figcaption></figure>

## Headers

When using the Houdin API, you can specify the API for each scanner you want to use via the requests headers. An example is given in the documentation for the [**Launch scan**](https://docs.houdin.io/api/endpoints/launch-scan) API endpoint:

To provide your VirusTotal API Key for the scan you can specify the following header:

X-VT-API-Key: xxxxxxxxxxxxxxxxxxx **OR** X-VIRUSTOTAL-API-Key: xxxxxxxxxxxxxxxxxxx

For other scanners you can use the uppercase name of each one like such:

* X-URLSCAN-API-Key
* X-ABUSEIPDB-API-Key
* X-ALIENVAULT-API-Key
* X-TRIAGE-API-Key