582812b3ec
website: Copy files during build. website: Allow for mixed env builds. website: Reduce build size. website: Expose build. website: Add build memory debugging. WIP: Disable broken links check to compare memory usage. website: Update deps. website: Clean up API paths. website: Flesh out 3.8 fixes. Format. website: Update ignore paths. Website: Clean up integrations build. website: Fix paths. website: Optimize remark. website: Update deps. website: Format. website: Remove linking. website: Fix paths. wip: Attempt API only build. Prep. Migrate render to runtime. Tidy sidebar. Clean up templates. docs: Move directory. WIP docs: Flesh out split. website: Fix issue where routes have collisions.
19 lines
623 B
Markdown
19 lines
623 B
Markdown
---
|
|
title: Authentication
|
|
sidebar_position: 1
|
|
---
|
|
|
|
For any of the token-based methods, set the `Authorization` header to `Bearer <token>`.
|
|
|
|
### Session
|
|
|
|
When authenticating with a flow, you'll get an authenticated Session cookie, that can be used for authentication. Keep in mind that in this context, a CSRF header is also required.
|
|
|
|
### API Token
|
|
|
|
Users can create tokens to authenticate as any user with a static key, which can optionally be expiring and auto-rotate.
|
|
|
|
### JWT Token
|
|
|
|
OAuth2 clients can request the scope `goauthentik.io/api`, which allows their OAuth Access token to be used to authenticate to the API.
|