diff --git a/src/middleware/auth.py b/src/middleware/auth.py
index 532fc6c..c4a4bc3 100644
--- a/src/middleware/auth.py
+++ b/src/middleware/auth.py
@@ -20,8 +20,9 @@ class APIKeyAuthMiddleware(BaseHTTPMiddleware):
         if not self.api_key:
             return await call_next(request)
 
-        # Skip auth for health check endpoints
-        if request.url.path in ["/health", "/healthz", "/"]:
+        # Skip auth for health check and documentation endpoints
+        public_paths = ["/health", "/healthz", "/", "/docs", "/redoc", "/openapi.json"]
+        if request.url.path in public_paths:
             return await call_next(request)
 
         # Get the Authorization header