> ## Documentation Index
> Fetch the complete documentation index at: https://docs.partners.api.cobee.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Learn about how to authenticate with the API

## Overview

Authentication is an essential part of securing access to the API. In our API, we use **JWT (JSON Web Token)** to verify the identity of users and systems accessing the API. To obtain a JWT, you must authenticate using your **clientId** and **clientSecret**.

JWT is a compact, URL-safe means of representing claims to be transferred between two parties. It is used to authenticate API calls and validate that the user has the proper access privileges.

## Authentication Flow

To authenticate with the API, follow these steps:

1. **Obtain your clientId and clientSecret:**
   These credentials are provided when you register your application with the API provider. You will use these credentials to authenticate and obtain the JWT.

2. **Authenticate to get the JWT:**
   Use your **clientId** and **clientSecret** to request a JWT using the <a href="./authentication/endpoint/post_authenticate" target="_self">Oauth Endpoint</a>.

<Warning>
  **Important Notice**<br />
  The JWT has an expiration time, so you will need to re-authenticate periodically to obtain a new token.
</Warning>

<Warning>
  **Important Notice**<br />
  Treat `clientId`, `clientSecret` and `jwtToken` as sensitive data:

  * Do not commit them in version control or expose them in logs
  * Store them securely (e.g. using a secrets manager)
  * Do not expose them in client-side code or share them publicly
</Warning>

You are ready to start using the API!