> For the complete documentation index, see [llms.txt](https://eshop.gitbook.io/eshopbox-developers/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://eshop.gitbook.io/eshopbox-developers/basics/authentication.md).

# Authentication

All requests to the API need to be accompanied by an authorization header with an access token:

`Authorization: Bearer 212LJ3k0i2382364HIUEjfeJB98yvH`

Authentication token gives permissions for your app to access data of a particular workspace, and is used to authenticate a request to the API endpoint.

### The `Token` Object

{% tabs %}
{% tab title="Attributes" %}

| **Attribute**                                  | **Type**  | **Description**                                                                             |
| ---------------------------------------------- | --------- | ------------------------------------------------------------------------------------------- |
| `access_token`                                 | `string`  | The access token you will use for subsequent authenticated requests to the API.             |
| `refresh_token`                                | `string`  | The refresh token can be used to obtain a renewed access token.                             |
| `id_token`                                     | `string`  | The ID token for the user. Not for accessing any API in your application.                   |
| [`scope`](broken://pages/-M6Ybl9ukfgnrPvWxthQ) | `string`  | The scopes which you want to request authorization for. These must be separated by a space. |
| `expires_in`                                   | `integer` | The duration in seconds in which the token will expire.                                     |
| `token_type`                                   | `string`  | Right now this will only be `Bearer`.                                                       |
| {% endtab %}                                   |           |                                                                                             |

{% tab title="Sample Response" %}

```
{
    "access_token": "eyJhbGciOiJSUzI1N...InR5cCI6IkpXVCIsI",
    "refresh_token": "GEbRxBNyURedwnqAs...edjnXbLPjyWqaxFtr",
    "id_token": "eyJhbGciOiJSUzI1Ni...I6IkpXVCIsImtpZC",
    "scope": "openid profile",
    "expires_in": 86400,
    "token_type": "Bearer"
}
```

{% endtab %}
{% endtabs %}
