# Authentication

Request are **authenticated** using <mark style="color:blue;">`Bearer tokens`</mark>. We provide a token for the requests, these tokens are used in **API Calls** , developers should also use <mark style="color:blue;">`http status`</mark> to know the result of an **API call** .

Authorization headers should be in the following format: `Authorization: Bearer token` . Pass your secret key as a `bearer token` in the request header to authorize all requests.&#x20;

<figure><img src="/files/2kaYPbqEAo68cjFOezWi" alt=""><figcaption><p>Authenticate against the Identity provider</p></figcaption></figure>

### Authentication with Curl

```
curl --location --request POST 'https://idp-test.fsdhgroup.com/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=test-client' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_secret=secret'// Some code
```

### Authentication with Postman&#x20;

<figure><img src="/files/0jdNQlKNQ1wyxmQ8AxWO" alt=""><figcaption><p>Using postman to retrieve access token</p></figcaption></figure>

### Authentication with Powershell - Rest method&#x20;

```
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Content-Type", "application/x-www-form-urlencoded")

$body = "client_id=test-client&grant_type=client_credentials&client_secret=secret"

$response = Invoke-RestMethod 'https://idp-test.fsdhgroup.com/connect/token' -Method 'POST' -Headers $headers -Body $body
$response | ConvertTo-Json
```

### API Authorization

All API calls on FSDH are authenticated. API requests made without authorization will fail with the status code <mark style="color:red;">`401: Unauthorized`</mark>.

{% hint style="info" %}
Your secret key can perform any transactions on your FSDH account without restriction.&#x20;
{% endhint %}

To authorize API calls from your server, pass your secret key as a bearer token. This means passing an `Authorization` header with a value of `"Bearer: YOUR_SECRET_KEY"`.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://fsdhgroup.gitbook.io/fsdh-developer-documentation/integration-guide/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.