# Authentication

To make API calls on PEZESHA, you’ll have to pass a `Bearer Token`  To generate a token you simply

1. Request credentials from PEZESHA (**Client ID**, **Client Name** & **Client Secret**)
2. Make API call to **`{{BASE_URL}}/oauth/token`** passing in your API Credential. Doesn't have **mfi** prefix
3. You'll be authenticated and receive a token to process further API calls

{% tabs %}
{% tab title="Authentication Format" %}

```yaml
Authorization: Bearer {token}
```

{% endtab %}
{% endtabs %}

## AUTH Token

<mark style="color:green;">`POST`</mark> `{{https://api.pezesha.com or https://dev.api.pezesha.com}}/oauth/token`

Use this endpoint to generate an JWT to be used for authentication in further API calls

#### Headers

| Name         | Type   | Description                                     |
| ------------ | ------ | ----------------------------------------------- |
| Content-Type | string | Default (**application/x-www-form-urlencoded**) |

#### Request Body

| Name           | Type   | Description                       |
| -------------- | ------ | --------------------------------- |
| grant\_type    | string | Default (**client\_credentials**) |
| provider       | string | Default (**users**)               |
| client\_secret | string | Provided by Pezesha               |
| client\_id     | string | Provided by Pezesha               |

{% tabs %}
{% tab title="200 You will get this response if everything goes well" %}

```javascript
{
    "token_type": "Bearer",
    "expires_in": 86400,
    "access_token": "ACCESS_TOKEN_HERE"
}
```

{% endtab %}

{% tab title="401 If something is wrong" %}

```javascript
{
    "error": "invalid_client",
    "error_description": "Client authentication failed",
    "message": "Client authentication failed"
}
```

{% endtab %}
{% endtabs %}