# API

## Authentication header

The API uses bearer authentication. Add the following header to each API HTTP request;

```
Authorization: Bearer <token>
```

## Creating an access token

Access tokens *(aka API keys)* can be created and managed via account settings.

![](https://3335821170-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LmsxwxFoiQsRNU4Uy_E%2F-LnG9N3ETtzXUYmIkECd%2F-LnGAzPNjvhiKoWpkWui%2Fscreenshot-localhost-8000-2019.08.27-05-40-02.png?alt=media\&token=50b05d97-0e5f-4d5c-a4ef-1db5a0d08d52)

Press `Add token` to create a new token. When adding a token, specify a name that reflects what the token will be used for.

![](https://3335821170-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LmsxwxFoiQsRNU4Uy_E%2F-LnG9N3ETtzXUYmIkECd%2F-LnGCFGceRQNegX-mBsn%2Fscreenshot-localhost-8000-2019.08.27-05-40-29.png?alt=media\&token=a88014e1-7bc5-4f4b-bae9-ddc8aef6462a)

Copy the value of the `Key` field, which is uses for the authentication. Beware that the key is only displayed when creating an access token. If you loose this value, simply remove the token and create a new one.

![](https://3335821170-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LmsxwxFoiQsRNU4Uy_E%2F-LnG9N3ETtzXUYmIkECd%2F-LnGCXfj6YcxdOUrLblo%2Fscreenshot-localhost-8000-2019.08.27-05-40-48.png?alt=media\&token=2c4b2553-b773-4091-bf52-0b1beda18c58)

Under `Advanced options` you can limit a key to specific folders. By default a key can access templates from any folder.

It's also possible to give a key super privileges, which allows you to create access tokens via the API. This is generally not recommended.