2021-03-18 21:02:04 +00:00
---
title: API
---
2021-09-02 15:40:02 +00:00
Starting with 2021.3.5, every authentik instance has a built-in API browser, which can be accessed at https://authentik.company/api/v3/.
2021-03-18 21:02:04 +00:00
2021-09-02 15:40:02 +00:00
To generate an API client, you can use the OpenAPI v3 schema at https://authentik.company/api/v3/schema/.
2021-03-18 21:02:04 +00:00
2021-04-18 15:25:03 +00:00
While testing, the API requests are authenticated by your browser session.
2021-03-18 21:02:04 +00:00
2022-06-26 15:51:15 +00:00
## Authentication
For any of the token-based methods, set the `Authorization` header to `Bearer <token>` .
### Session
When authenticating with a flow, you'll get an authenticated Session cookie, that can be used for authentication. Keep in mind that in this context, a CSRF header is also required.
### API Token
2023-03-17 23:10:12 +00:00
Users can create tokens to authenticate as any user with a static key, which can optionally be expiring and auto-rotate.
2022-06-26 15:51:15 +00:00
### JWT Token
OAuth2 clients can request the scope `goauthentik.io/api` , which allows their OAuth Refresh token to be used to authenticate to the API.