diff --git a/issues/2020-12Dec/auth-route-YNQAQKJS.md b/issues/2020-12Dec/auth-route-YNQAQKJS.md
index 63bf70c..549fa87 100644
--- a/issues/2020-12Dec/auth-route-YNQAQKJS.md
+++ b/issues/2020-12Dec/auth-route-YNQAQKJS.md
@@ -4,16 +4,16 @@
 
 ## Test curl commands
 
+Export the scraper API's URL prefix to an environment variable:
+
+`export API=http://127.0.0.1:4000/scraper`
+
 Put your API key into a header file, like this:
 
 ```
 X-ApiKey: bad_password
 ```
 
-Export the scraper API's URL prefix to an environment variable:
-
-`export API=http://127.0.0.1:4000/scraper`
-
 Call it "scraper-secret.txt" or something else obviously secret.
 Don't check it into Git. The key will expire every 30 days and need
 to be rotated manually. (for now)