# Authentication API The Authentication API allows you to generate access tokens to authenticate with Ripple APIs. All API operations require an access token specific to the environment you're using. Ripple provides a secure model for authentication and authorization by providing access tokens scoped for a set of credentials. The Authentication operation returns an access token in the `access_token` response field. You must include your `client_id` and `client_secret` in the JSON request body to get a valid access token. ### Generate client ID and client secret You will need your _client ID_ and _client secret_ to obtain an access token. If you do not already have your client ID and client secret, do the following: 1. Log into {% $env.PUBLIC_VAR_RNH %}. 2. In the left navigation menu, click **Settings**. 3. Under **Administration**, click **API Credentials**. 4. In the dropdown list next to the page title, select the access environment. For example, to provision credentials for the test environment, select **Test** from the dropdown list. 5. In the upper right corner of the page, click **New Credential**. 6. Click **Save and Generate Key**. **Caution:** The *client secret* is displayed only once when you are creating new credentials. You cannot retrieve the secret after exiting this page. Copy and store the client secret securely and share it with authorized individuals in accordance with your organization's security policy. You can now use the client ID and client secret to generate access tokens using the Authentication operation. We recommend rotating your API credentials at regular intervals according to your organization's security policy. ### Fetch an access token Once you have your *client ID* and *client secret*, follow these steps to get an access token to use with {% $env.PUBLIC_VAR_RPD %} API calls: #### Step 1: Determine the desired environment The first step to request an access token is to determine the environment where you want to use the API. The following table describes the different environments that provide {% $env.PUBLIC_VAR_RPD %} API access. Take note of the environment string for the environment you want to access. | **Environment** | **Request URL** | **Environment String** | **Currency** | | --- | --- | --- | --- | | **Test** | `https://auth-test.rnc.ripplenet.com/oauth/token` | `test` | Simulated | | **Production** | `https://auth.rnc.ripplenet.com/oauth/token` | `prod` | Actual | #### Step 2: [Request the Access Token](operation/authenticate) #### Step 3: [Test the Access Token](operation/testAuthToken) ## Security ### BasicAuth Type: http Scheme: basic ### Bearer Type: http Scheme: bearer Bearer Format: JWT ## Download OpenAPI description [Authentication API](https://docs.ripple.com/_bundle/products/payments-direct/api-docs/auth-proxy/reference/auth-proxy-external.yaml) ## Authentication ### Request an access token - [POST /oauth/token](https://docs.ripple.com/products/payments-direct/api-docs/auth-proxy/reference/auth-proxy-external/authentication/authenticate.md): Request an access token for authentication with Ripple APIs. You need to request a token for the environment you want to authenticate with. Note: The length of the access token isn't fixed, hence it can vary. Avoid validating tokens based on character length. #### Environments | Environment | Domain | Description | | --- | --- | --- | | Test | auth-test.rnc.ripplenet.com | Test environment with simulated partners and simulated currency. | | Production | auth.rnc.ripplenet.com | Production environment for Ripple's internal services. | ### Test access token - [GET /oauth/token/test](https://docs.ripple.com/products/payments-direct/api-docs/auth-proxy/reference/auth-proxy-external/authentication/testauthtoken.md): Test if an access token can be used for authentication with Ripple APIs and how much time remains on it.