diff --git a/backend/main.py b/backend/main.py
index 35db91d1..4f536437 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -1,9 +1,23 @@
-from fastapi import FastAPI
+from fastapi import FastAPI, Depends, HTTPException, status
+from fastapi.security import APIKeyHeader
+
+API_KEY = "example-api-key"
+API_KEY_NAME = "X-API-KEY"
+
+api_key_header = APIKeyHeader(name=API_KEY_NAME, auto_error=False)
 
 app = FastAPI()
 
 
-@app.get("/portfolio/{portfolio_id}")
+async def validate_api_key(api_key_header: str = Depends(api_key_header)):
+    if api_key_header != API_KEY:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN, detail="Could not validate credentials"
+        )
+    return api_key_header
+
+
+@app.get("/portfolio/{portfolio_id}", dependencies=[Depends(validate_api_key)])
 async def get_portfolio(portfolio_id: int):
     return {
         "portfolio_id": portfolio_id,