> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cavok.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Guide on how to authenticate against our API

## Token Exchange

Our API uses a well-known OAuth 2 Client Credentials workflow.

With your `clientId` and `keyId` information from the [API Keys page](https://www.cavok.dev/admin/api),
you make a request to our `oauth/token` endpoint and exchange your credentials for a Json Web Token (JWT) which gives actual access to the API.

<Card title="OpenAPI 3.0 file" icon="plug" href="https://github.com/Cavok-Cloud/docs/blob/main/api-reference/openapi.yaml">
  View the OpenAPI spec file from our GitHub Documentation repository.
</Card>

## Authorizing Requests

The given JWToken has to be put as a `Header: Authorization` following the "Bearer" mechanism:

> Header: Authorization: `Bearer {access_token}`.

<Warning>Any endpoint request that fail Authorization will be answered with a `401: Unauthorized` status code.</Warning>
