{"_id":"56231066de7dc01700c6dd65","parentDoc":null,"user":"556cbb50c14029190092d20f","category":{"_id":"5622fde7de7dc01700c6dd5f","pages":["5622fe48d51d480d0064fc77","5623104906481c0d00e53162","56231066de7dc01700c6dd65","5627f69388948617002a0996"],"project":"556cd8aec14029190092d292","__v":4,"version":"556cd8aec14029190092d295","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-10-18T02:03:19.875Z","from_sync":false,"order":3,"slug":"authentication-and-authorization","title":"Authentication and Authorization"},"project":"556cd8aec14029190092d292","__v":11,"version":{"_id":"556cd8aec14029190092d295","__v":14,"project":"556cd8aec14029190092d292","createdAt":"2015-06-01T22:11:58.756Z","releaseDate":"2015-06-01T22:11:58.756Z","categories":["556cd8afc14029190092d296","55ca5a55241e790d004f47ea","55dc9fdb4f535537007da1b2","55dc9fdfc755b63700dc843c","55fdb08c4bebdf17004130d4","560ef4c2a36c610d00e7013e","5613db296a092921004c30c2","56156581dc8aea0d002475e8","56169d1ee98f5517005627a8","5622fde7de7dc01700c6dd5f","56cf75f3336aa60b0086a495","5818f3c02093901b00bcf91a","582f7ff88ea0800f0035639a","583f30c110448a2500dd990f"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-10-18T03:22:14.183Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":0,"body":"The Reverb API authentication is via OAuth2 tokens.  For apps that only need to access public data, the Client Credentials Flow is available. Please see the table below for guidance on which method to choose.\n[block:parameters]\n{\n  \"data\": {\n    \"h-0\": \"If you want to..\",\n    \"h-1\": \"Use..\",\n    \"0-0\": \"Develop an app that is only used by you and accesses your data OR accesses only public data.\",\n    \"0-1\": \"[Generate a Personal Access Token from your Reverb dashboard (recommended)](doc:generating-personal-access-tokens) or \\n[Use Application-Only Authorization (Client Credentials Flow)](doc:application-only-authorization-client-credentials-flow)\",\n    \"1-0\": \"Develop an app that allows multiple users to \\\"Log in with Reverb\\\" and interact with user data on behalf of those users, or log in with your own account to manage your own information.\",\n    \"1-1\": \"[Multi-User OAuth2 - Authorization Code Flow](doc:build-a-multi-user-app-with-oauth)\",\n    \"2-0\": \"Develop an in-browser / client-side app where it's not possible to store a secret.\",\n    \"2-1\": \"[OAuth2 Implicit Grant](doc:apps-that-cannot-store-their-oauth-token)\"\n  },\n  \"cols\": 2,\n  \"rows\": 3\n}\n[/block]","excerpt":"","slug":"how-should-i-authenticate","type":"basic","title":"How should I authenticate?"}

How should I authenticate?


The Reverb API authentication is via OAuth2 tokens. For apps that only need to access public data, the Client Credentials Flow is available. Please see the table below for guidance on which method to choose. [block:parameters] { "data": { "h-0": "If you want to..", "h-1": "Use..", "0-0": "Develop an app that is only used by you and accesses your data OR accesses only public data.", "0-1": "[Generate a Personal Access Token from your Reverb dashboard (recommended)](doc:generating-personal-access-tokens) or \n[Use Application-Only Authorization (Client Credentials Flow)](doc:application-only-authorization-client-credentials-flow)", "1-0": "Develop an app that allows multiple users to \"Log in with Reverb\" and interact with user data on behalf of those users, or log in with your own account to manage your own information.", "1-1": "[Multi-User OAuth2 - Authorization Code Flow](doc:build-a-multi-user-app-with-oauth)", "2-0": "Develop an in-browser / client-side app where it's not possible to store a secret.", "2-1": "[OAuth2 Implicit Grant](doc:apps-that-cannot-store-their-oauth-token)" }, "cols": 2, "rows": 3 } [/block]