diff --git a/cmd/api.go b/cmd/api.go
index a612846..14ba555 100644
--- a/cmd/api.go
+++ b/cmd/api.go
@@ -4,6 +4,7 @@ Copyright © 2023 AGECEM & Victor Lacasse-Beaudoin
 package cmd
 
 import (
+	"crypto/subtle"
 	"fmt"
 	"log"
 
@@ -30,6 +31,13 @@ var apiCmd = &cobra.Command{
 
 		e.Pre(middleware.AddTrailingSlash())
 
+		if cfg.API.Key != "" {
+			e.Use(middleware.KeyAuth(func(key string, c echo.Context) (bool, error) {
+				return subtle.ConstantTimeCompare([]byte(key), []byte(cfg.API.Key)) == 1, nil
+			}))
+			log.Println("API server is using an API key")
+		}
+
 		v0 := e.Group("/v0")
 
 		bottinApiClient := bottindata.NewApiClient(cfg.Bottin.API.Key, cfg.Bottin.API.Host, cfg.Bottin.API.Protocol, cfg.Bottin.API.Port)
@@ -38,6 +46,7 @@ var apiCmd = &cobra.Command{
 		if err != nil {
 			log.Fatal(err)
 		}
+		defer dbClient.DB.Close()
 
 		handler := apihandler.New(bottinApiClient, dbClient)