Place API key in Headers or URL

Question

I\'m designing a public API to my company\'s data. We want application developers to sign up for an API key so that we can monitor use and overuse.

Since the API is

Answer 1

I would not put the key in the url, as it does violate this loose 'standard' that is REST. However, if you did, I would place it in the 'user' portion of the url.

eg: http://me@example.com/myresource/myid

This way it can also be passed as headers with basic-auth.