# Authentication

# OAuth

The API uses OAuth access tokens to authenticate requests. The OAuth authentication server is powered by Laravel v5.7 Passwport(opens new window) , detailed information and other methods of authentications can be found here(opens new window) .

When calling protected API routes, you should specify your access token as a Bearer token in the Authorization header of each request. See example the following example:

curl https://www.yourdomain.com/api/v1/user \
  -H "Accept: application/json" \
  -H "Authorization: Bearer <access-token>"

Remember to replace <access-token> with your own value.

# Fingerprint

Fingerprint authentication allows the help desk to identify guest users. This is the authentication method used for the live chat widget so users can see and reply to previous conversations.

For example, if a conversation is created using this authentication method, the conversation will only be accessible using the exact same fingerprint used when created.

When authenticating a user with this method, specify the unique fingerprint value as a Fingerprint value in the Authorization header of each request of a fingerprint-supported API endpoint. See the following example:

curl https://www.yourdomain.com/api/v1/account/1/conversations \
  -H "Accept: application/json" \
  -H "Authorization: Fingerprint jane@example.org:43a3c1d3-d3c9-4489-bd67-d72cf275a582"


A valid UUID should be used, otherwise, the system will deny the access and respond with 401 Unauthenticated.