> ## Documentation Index
> Fetch the complete documentation index at: https://docs.developers.mijnklantportaal.nl/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

## Authenticate to the API

When calling the API, you have to provide an Authentication Token. No matter what token you use, all of them are `Bearer` tokens and have to be provided in the
`Authentication` header in your request.

**Example:**
`Authentication: Bearer <your_token_here>`

## Authentication types

To make sure that we return only the correct data, do you need to authenticate yourself (as MijnKlantportaal user or third party developer) to our API. The way
of authentication is decided in what role you talk to the API:

* **MijnKlantportaal user**: API Key
* **Third party developer**: OAuth Access Token (OAT)

### API Key

If you want to access the API for your own customer portal, the best way to authenticate yourself is with an API Key. You can create this API Key in the manage portal.
To get access, follow these steps:

<Steps>
  <Step title="Log in into your manage portal">
    Open your manage portal and log in.
  </Step>

  <Step title="Create an API Key">
    Go to 'Settings <Icon icon="arrow-right" iconType="solid" /> API Keys' and press the *Create API key*-button in the top right corner. Specify to which [scopes](/oauth/scopes)
    this key can get access to.
  </Step>

  <Step title="Copy and save the key">
    Once created, we show you the API Key just **once**, so save it directly on a secure place.
    <Danger>Treat your API Key like a password. Do **not** share it with anyone!</Danger>
  </Step>
</Steps>

### OAuth Access Token (OAT)

When you are developing software and want to integrate MijnKlantportaal APIs, you should use OAuth to get access. This is the only way to get access to someone else's MijnKlantportaal
account.

<Note>Never ask MijnKlantportaal users for API Keys as third party developer!</Note>

To be able to use our OAuth solution, you should register yourself as developer and register your application. To get this done, following these steps:

<Steps>
  <Step title="Register yourself as developer">
    Press the button in the right top corner on this page: "Developer portal". and register yourself as developer by creating a Developer Account.
  </Step>

  <Step title="Create and register your application in the Developer portal">
    Once you have your developer account and logged in into the Developer portal, you can create (and so register) your application to receive your App ID and App Secret.
    <Danger>Treat your App Secret like a password. Do **not** share it with anyone!</Danger>
  </Step>

  <Step title="Ask the MijnKlantportaal user for permission">
    Before you get access to someone's customer portal, you have to ask permission. Compose an Authorize url with you App ID, the scopes you want access to and the other
    data we need to ask the user for permission. See the documentation page "xxx" for info.
  </Step>

  <Step title="Exchange the Authorization Token for your Access and Refresh Tokens">
    When the user gave you permission to access their portal, you should exchange the Authorization Token for an Access Token (which gives you access to the API) and
    Refresh Token (to generate a new Access Token once it expires). Use the "xxx" endpoint for this.

    <Tip>Keep in mind that the user can always revoke your access, and so invalidate your Access and Refresh Tokens.</Tip>
  </Step>
</Steps>
