# Authentication

## Authenticate your account

<mark style="color:green;">`POST`</mark> `https://api.waldo.ai/authenticate`

#### Request Body

| Name                                           | Type   | Description |
| ---------------------------------------------- | ------ | ----------- |
| apiKey<mark style="color:red;">\*</mark>       | String |             |
| clientSecret<mark style="color:red;">\*</mark> | String |             |

#### Response

{% tabs %}
{% tab title="200: OK Token generated" %}

```json
{
  "token": "eyJh...."
}
```

{% endtab %}

{% tab title="401: Unauthorized Invalid API key or invalid client secret" %}

```json
{
  "code": "INVALID_API_KEY",
  "message": "Invalid API key"
}
```

{% endtab %}

{% tab title="403: Forbidden API key has been revoked" %}

```json
{
  "code": "API_KEY_REVOKED",
  "message": "This API key has been revoked. Please visit the Waldo AI dashboard to review your API key."
}
```

{% endtab %}

{% tab title="400: Bad Request Missing parameters" %}

```json
{
    "code": 'MISSING_PARAMETERS',
    "message": 'Missing parameters'
}
```

{% endtab %}
{% endtabs %}

{% tabs %}
{% tab title="CURL" %}

```
curl --location 'https://api.waldo.ai/authenticate' \
--data '{"apiKey": "YOUR_API_KEY","clientSecret": "CLIENT_SECRET"}'
```

{% endtab %}

{% tab title="NODE.JS" %}

```javascript
import axios from "axios";
const data = JSON.stringify({
  "apiKey": "YOUR_API_KEY",
  "clientSecret": "CLIENT_SECRET"
});

const config = {
  method: 'post',
  url: 'https://api.waldo.ai/authenticate',
  headers: {
    'Content-Type': 'application/json'
  },
  data : data
};
axios.request(config)
.then((response) => {
  console.log(JSON.stringify(response.data));
})
.catch((error) => {
  console.log(error);
});
```

{% endtab %}

{% tab title="PYTHON" %}

```python
import requests
import json

url = "https://api.waldo.ai/authenticate"

payload = json.dumps({
  "apiKey": "YOUR_API_KEY",
  "clientSecret": "CLIENT_SECRET"
})
headers = {
  'Content-Type': 'application/json'
}

response = requests.post(url, headers=headers, data=payload)

print(response.text)
```

{% endtab %}

{% tab title="PHP" %}

```php
<?php
$client = new Client();
$headers = [
  'Content-Type' => 'application/json'
];
$body = '{
  "apiKey": "YOUR_API_KEY",
  "clientSecret": "CLIENT_SECRET"
}';
$request = new Request('POST', 'https://api.waldo.ai/authenticate', $headers, $body);
$res = $client->sendAsync($request)->wait();
echo $res->getBody();
```

{% endtab %}

{% tab title="C#" %}

```csharp
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "https://api.waldo.ai/authenticate");
var content = new StringContent("{\"apiKey\": \"YOUR_API_KEY\",\"clientSecret\": \"CLIENT_SECRET\"}", null, "application/json");
request.Content = content;
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
Console.WriteLine(await response.Content.ReadAsStringAsync());
```

{% endtab %}
{% endtabs %}

#### Authorization

Use the token from the authentication response to authorize subsequent API requests. The token should be added in the `Authorization` header:

```
Authorization: Bearer <token>
```