website: Flesh out docs split.

website: Copy files during build. website: Allow for mixed env builds. website: Reduce build size. website: Expose build. website: Add build memory debugging. WIP: Disable broken links check to compare memory usage. website: Update deps. website: Clean up API paths. website: Flesh out 3.8 fixes. Format. website: Update ignore paths. Website: Clean up integrations build. website: Fix paths. website: Optimize remark. website: Update deps. website: Format. website: Remove linking. website: Fix paths. wip: Attempt API only build. Prep. Migrate render to runtime. Tidy sidebar. Clean up templates. docs: Move directory. WIP docs: Flesh out split. website: Fix issue where routes have collisions.
2025-06-17 21:02:38 +02:00
parent b10c795a26
commit 582812b3ec
704 changed files with 5179 additions and 4670 deletions
--- a/docs/api/authentication.md
+++ b/docs/api/authentication.md
@ -0,0 +1,18 @@
+---
+title: Authentication
+sidebar_position: 1
+---
+
+For any of the token-based methods, set the `Authorization` header to `Bearer <token>`.
+
+### Session
+
+When authenticating with a flow, you'll get an authenticated Session cookie, that can be used for authentication. Keep in mind that in this context, a CSRF header is also required.
+
+### API Token
+
+Users can create tokens to authenticate as any user with a static key, which can optionally be expiring and auto-rotate.
+
+### JWT Token
+
+OAuth2 clients can request the scope `goauthentik.io/api`, which allows their OAuth Access token to be used to authenticate to the API.