# App Authentication

Do not require authentication:

* [Resolver API](https://docs.patchwallet.com/api/resolver-api)

Do require authentication:

* [Kernel Account API](https://docs.patchwallet.com/api/kernel-account-api)

Authenticated Patch API endpoints use [OAuth 2.0 methods](https://oauth.net/2/) to authenticate requests.

**Get Started**

1. On [Discord](https://discord.gg/EAFPKSRyth), request a `client_id` and `client_secret`
2. Request a Bearer token via the `/v1/auth` endpoint
3. Provide the Bearer token in the `Authorization` header

### 1) Get a client\_id and client\_secret

On [Discord](https://discord.gg/EAFPKSRyth) request a `client_id` and `client_secret` to access the service.

### 2) Request a Bearer token

Use the script below to get a Bearer token for your `client_id` and `client_secret`.

```javascript
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/x-www-form-urlencoded");

var urlencoded = new URLSearchParams();
urlencoded.append("client_id", "demo-user-external");
urlencoded.append("client_secret", "k^yf57yg27MKo2SnuzwX");

var requestOptions = {
  method: 'POST',
  headers: myHeaders,
  body: urlencoded,
  redirect: 'follow'
};

fetch("https://paymagicapi.com/v1/auth", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));
```

### 3) Call endpoints with Bearer token

API requests are authenticated using the [Bearer Auth scheme](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#authentication_schemes). To authenticate a request, provide the Bearer token in the `Authorization` header of the request:

```bash
curl -H "Authorization: Bearer <your_bearer_token>" https://paymagicapi.com/v1
```

Bearer tokens expire every 60 minutes so a new one needs to be generated.