# API Authentication

All requests to the White Label Loyalty (WLL) API require an API key. Depending on the type of request, you may also need to authenticate as a user or administrator using an access token.

This section explains the different authorization levels, how to generate and use access tokens, and how to request the credentials needed for secure integration.

{% hint style="info" %}

#### Authentication vs authorization

* **Authentication** is about **proving who you are**. In WLL, this means supplying a valid API key and, where needed, a token (user or admin).
* **Authorization** is about **what you’re allowed to do**. Once authenticated, your token defines which operations you can perform based on your access level.
  {% endhint %}

***

## Access levels & methods

There are three levels of authorization in the WLL platform:

<table><thead><tr><th width="146.421875" valign="top">Access level</th><th valign="top">Headers required</th><th valign="top">Use case examples</th></tr></thead><tbody><tr><td valign="top"><a data-mention href="/pages/PRmQ5pBXIXtP3bIifXXn">/pages/PRmQ5pBXIXtP3bIifXXn</a></td><td valign="top"><p>Requires only the API key.  </p><p><code>X-Api-Key only</code></p></td><td valign="top">Used for public data access (e.g. browsing rewards or venues).</td></tr><tr><td valign="top"><a data-mention href="/pages/72wOAd2v1hGUoqaZfrbT">/pages/72wOAd2v1hGUoqaZfrbT</a></td><td valign="top"><p>Requires the API key and a <strong>user access token</strong>. </p><p><code>X-Api-Key + Authorization: Bearer &#x3C;user token></code></p></td><td valign="top">Used to interact on behalf of a specific end-user (e.g. report events, view points balance, see user-specific rewards).</td></tr><tr><td valign="top"><a data-mention href="/pages/vjcRvSHweVDcit4Yx9wI">/pages/vjcRvSHweVDcit4Yx9wI</a></td><td valign="top"><p>Requires the API key and an <strong>admin access token</strong>. </p><p><code>X-Api-Key + Authorization: Bearer &#x3C;admin token></code></p></td><td valign="top">Used for privileged operations (e.g. reporting back-office events, managing rewards).</td></tr></tbody></table>

Each access level is explained in its own article with example requests and configuration notes.&#x20;

***

## Getting your API key

You can find your API key in the Loyalty Console under Settings > Tenant.

<figure><img src="/files/sBWAF65ELxDmxTi5zvM0" alt="" width="563"><figcaption><p>Tenant settings page in the Loyalty Console</p></figcaption></figure>

***

## Getting your admin auth credentials

To access admin-level endpoints, you’ll need to request your client credentials (client ID and secret), which are used to generate admin access tokens. See [Request API credentials](/developer/guides/api-authentication/request-api-credentials.md).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://kbase.whitelabel-loyalty.com/developer/guides/api-authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.