Change Notice
On November 1st, 2025, DeepL will fully obsolesce support for providing authentication information in anauth_key
query parameter or in an auth_key
field of the request body.
Deprecation of this feature was previously announced in March 2025, but we have continued to support it temporarily to allow more time for customers to complete the migration.
You will no longer be able to authenticate a request to any endpoint by sending an API key in a query parameter or request body. Instead, send your API key in an HTTP header named Authorization
.
- You will no longer be able to authenticate a request to any endpoint by sending an API key in a query parameter or in the request body. Instead, send your API key in an HTTP header named
Authorization
. - If you use one of DeepL’s officially-supported client libraries, you won’t be negatively affected by the breaking changes and do not need to update your application. Specifically, we’ve confirmed the following client library versions:
- deepl-php: 1.0.0+
- deepl-python: 1.0.0+
- deepl-java: 1.0.0+
- deepl-dotnet: 1.0.0+
- deepl-node: 1.1.0+
- deepl-rb: 3.0.0+
Authorization
, like this:
auth_key
query parameter or an auth_key
field of the request body.
Why is DeepL doing this now?
The API best practice is to authenticate a request by including the API key in an HTTP header. Sending an API key in a GET request or in a URL risks exposing the API key to the public via logs or other means. For privacy and security reasons, we must disallow this practice.What happens if a user continues to use a deprecated cipher suite?
If you continue to use one of the cipher suites we’re deprecating, you won’t be able to access the DeepL API. This means that, for example, CAT tool plugins would no longer work properly.What if I continue to use non-header authentication?
After the date above, translation requests that attempt to authenticate with anauth_key
query parameter or an auth_key
field in the request body will fail with a 403 Forbidden
response.
What action should I take so that I’m not affected?
If you develop your own application using the DeepL API:- Ensure your code is not using either of the deprecated features.
- Update to the most recent version of the plugin. If you experience trouble, contact the plugin provider to make sure they are aware of these deprecations.