# Authentication

There are many ways to authenticate to the Qubedoo API. This guide will help you find the most suitable authentication method for your use case.

# I want to access the API from a backend

First, you need an application. The access type must be set to Confidential.

Once it is created, you'll be given a client_id, a client_secret and an ApiKey.

# Use client_credentials

You can exchange the client_id and client_secret for an AccessToken usable on the API, as explained here.

  • ✅ Pros: Uses the standard OpenID Connect protocol, compatible with many libraries
  • ❌ Cons: Requires one more HTTP request before calling the Qubedoo API
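The exchange described above, as an added example that is not Qubedoo's own code: the token is fetched once and reused until shortly before it expires, so the extra HTTP request is paid once per token lifetime. `TOKEN_ENDPOINT` is a placeholder, and HTTP Basic client authentication, the `expires_in` field and the `Bearer` scheme are the OAuth 2.0 defaults, assumed here rather than taken from this page; the transport is injectable so the block runs offline against a constructed response.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

# Assumption: placeholder URL; the real token endpoint is in the linked guide.
TOKEN_ENDPOINT = "https://auth.example.invalid/token"


def http_post_form(url, form, headers):
    """Default transport: POST a urlencoded form, return the decoded JSON body."""
    data = urllib.parse.urlencode(form).encode()
    req = urllib.request.Request(url, data=data, headers=headers)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class ClientCredentialsToken:
    """Gets an access token with the client_credentials grant and reuses it
    until `skew` seconds before it expires (hypothetical helper class)."""

    def __init__(self, client_id, client_secret, post=http_post_form,
                 clock=time.monotonic, skew=30):
        pair = f"{client_id}:{client_secret}".encode()
        self._basic = "Basic " + base64.b64encode(pair).decode()
        self._post, self._clock, self._skew = post, clock, skew
        self._token, self._expires_at = None, 0.0

    def get(self):
        if self._token is None or self._clock() >= self._expires_at - self._skew:
            body = self._post(TOKEN_ENDPOINT, {"grant_type": "client_credentials"},
                              {"Authorization": self._basic})
            if "access_token" not in body:  # never fall back to a stale token
                raise RuntimeError("token request failed: %s" % body.get("error"))
            self._token = body["access_token"]
            self._expires_at = self._clock() + float(body.get("expires_in", 0))
        return self._token

    def auth_header(self):
        # Assumption: the API accepts the token with the standard Bearer scheme.
        return {"Authorization": "Bearer " + self.get()}


if __name__ == "__main__":
    # Constructed token response standing in for the real endpoint (offline run).
    fake = lambda url, form, headers: {"access_token": "constructed-token",
                                       "token_type": "Bearer", "expires_in": 300}
    print(ClientCredentialsToken("my-app", "not-a-real-secret", post=fake).auth_header())
```

In a real backend, load the client_secret from the environment or a secret store rather than from source code.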

# Use ApiKey

Alternatively, you can use the ApiKey directly to call the API:

```
curl --request POST 'https://api.qubedoo.com/cloud' \
 --header 'Content-Type: application/json' \
 --header 'Authorization: ApiKey YOUR_API_KEY' \
 --data '{"name": "My First Cloud"}'
```

  • ✅ Pros: Can be used directly without an additional HTTP request
  • ❌ Cons: Doesn't have an expiry date. If you leak it, the only way to secure your data is to revoke the ApiKey.

# I want to impersonate users

OpenID Connect allows you to impersonate users with your app. These flows are complex and already well documented across the Internet.

# I have another use case

There are many possibilities. Please contact us by email: info@qubedoo.com