# Authentication

Using your **clientKey** and **clientSecret** you can request for a **token** by calling the dedicated method (note: replace asterisks with your clientKey and clinetSecret)

{% tabs %}
{% tab title="curl" %}

```shell
/curl -X POST \
 https://explore.cloud4wi.com/v1/sts/login/services \
 -H 'Cache-Control: no-cache' \
 -H 'Content-Type: application/json' \
 -H 'accept: application/json' \
 -d '{
 "clientKey":"ck-********-****-****-****-************",
 "clientSecret":"********************************"
}'/curl -X POST \
```

{% endtab %}
{% endtabs %}

If the client key and secret are correct, then the API will return a JWT token.

```json
{"token":[[JWT_TOKEN]]"}
```

{% tabs %}
{% tab title="curl" %}

```shell
curl -X GET \
 'https://explore.cloud4wi.com/v2/customers/organizations/[[CID]]?sortBy=created_absolute&sortReverse=false' \
 -H 'Authorization: Bearer [[JWT_TOKEN]]' \
 -H 'Cache-Control: no-cache' \
 -H 'accept: application/json'
```

{% endtab %}
{% endtabs %}

The JWT token expires after **one day**; to get a new one, restart and call again /v1/sts/login/services.

### AuthN/AuthZ Flow

<img src="https://uploads-ssl.webflow.com/5eb42691bf103600ee3afc30/5eb5d477ecd059c41c0120e9_flow1.png" alt="" data-size="original">

## Endpoints

Use your **client key** and **client secret** to retrieve a valid authentication **token**

{% openapi src="<https://developers.cloud4wi.com/api-explore-inspector/api-explore.yml>" path="/v1/sts/login/services" method="post" %}
<https://developers.cloud4wi.com/api-explore-inspector/api-explore.yml>
{% endopenapi %}

You can manually revoke a token using the following end-point:

{% openapi src="<https://developers.cloud4wi.com/api-explore-inspector/api-explore.yml>" path="/v1/sts/logout" method="post" %}
<https://developers.cloud4wi.com/api-explore-inspector/api-explore.yml>
{% endopenapi %}