# Authentication

Authentication with the becard.me REST API is achieved through the OAuth 2.0 Bearer Token mechanism. This authentication method ensures the security of your API requests and provides controlled access to the platform's resources. 

Include the token in the `Authorization` header of your API requests as follows:

```
Authorization: Bearer YOUR_ACCESS_TOKEN
```

Your Bearer Token allows you to securely access protected resources on the becard.me platform.

***

Follow the steps below to obtain and use your Bearer Token for authentication.

**Variant 1: Request an Access Token over Credentials**

To access the API, you need to obtain an Access Token by making a POST request to our token endpoint:

<mark style="color:green;">`POST`</mark> `/v1/auth/login`

#### Headers

| Name                                           | Type | Description      |
| ---------------------------------------------- | ---- | ---------------- |
| Accept<mark style="color:red;">\*</mark>       |      | application/json |
| Content-Type<mark style="color:red;">\*</mark> |      | application/json |

#### Request Body

| Name                                       | Type   | Description   |
| ------------------------------------------ | ------ | ------------- |
| email<mark style="color:red;">\*</mark>    | string | Your E-MAIL   |
| password<mark style="color:red;">\*</mark> | string | Your PASSWORD |

{% tabs %}
{% tab title="200: OK Success" %}

```json
{
    "access_token": "eyJ0eXAiOiJKV1Q...",
    "session_id": "ZXlKcGRpSTZJbXc1VjJ...",
    "expires_at": "2024-04-19T22:53:03.000000Z"
}
```

{% endtab %}

{% tab title="422: Unprocessable Entity Not found or credentials not match" %}

```json
{
    "message": "Access data do not match!"
}
```

{% endtab %}

{% tab title="500: Internal Server Error If no body parameter set" %}

```json
    "message": "Undefined array key \"email\"",
    "exception": "ErrorException",
```

{% endtab %}
{% endtabs %}