{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":[]},"type":"markdown"},"seo":{"title":"API Authentication Overview","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"api-authentication-overview","__idx":0},"children":["API Authentication Overview"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["eGain REST APIs use the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["OAuth 2.0 authorization framework"]}," to ensure secure access. Before making API requests, you must obtain an access token to prove your application has the necessary permissions."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The authentication process consists of four high-level steps:"]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/app-registration"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Register a Client Application"]}]},": Log in to the eGain Administration Console to create a client application. This generates your ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Client ID"]}," and ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Client Secret"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/metadata"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Find your API Metadata"]}]},": Access the Metadata button on your application page to find the specific Authorization and Token URLs for your instance."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/flow_overview"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Obtain a Token"]}]},": Choose an Authentication Flow based on your integration type:",{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["For Users/Customers"]},": Use ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/auth-code-flow"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Authorization Code"]}]}," or ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/pkce-flow"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["PKCE"]}]}," flow. ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["PKCE"]}," flow is an enhanced security version of ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Authorization Code"]}," flow."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/client-credentials-flow#_-1"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["For Anonymous Customer"]}]},": Use ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Anonymous Customer"]}," flow."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/client-credentials-flow"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["For Server-to-Server"]}]},": Use the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Client Credentials"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/on-behalf-of-flow"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["For Server On Behalf Of User/Customer"]}]},": Use the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["On-Behalf-Of"]}," flow."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/token-exchange-flow"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["For External Identity"]}]},": Use the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Token Exchange"]}," flow."]}]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/developer-portal/guides/authentication/making-requests"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Call the API"]}]},": Include the token in the HTTP ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Authorization"]}," header as a Bearer token."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"quick-reference-authentication-details","__idx":1},"children":["Quick Reference: Authentication Details"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["After completing all the steps, you can call APIs by including the generated access token in a Bearer token as authentication."]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Requirement"},"children":["Requirement"]},{"$$mdtype":"Tag","name":"th","attributes":{"align":"left","data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Protocol"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":["OAuth 2.0"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Header"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Authorization: Bearer <access_token>"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Token Domain"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://ai.egain.cloud/"]}]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["API Domain"]}]},{"$$mdtype":"Tag","name":"td","attributes":{"align":"left"},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["https://api.ai.egain.cloud/"]}]}]}]}]}]}]},"headings":[{"value":"API Authentication Overview","id":"api-authentication-overview","depth":1},{"value":"Quick Reference: Authentication Details","id":"quick-reference-authentication-details","depth":3}],"frontmatter":{"seo":{"title":"API Authentication Overview"}},"lastModified":"2026-05-02T04:25:40.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/developer-portal/guides/authentication/authentication_overview","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}