# Auth

* You can configure authentication settings for each environment (e.g., development, production).
* These settings are specific to the environment you are working in.

#### Secret Key:

* The secret key is used to decode (parse) the token passed in the header of each request.
* The secret key must match the key used to generate the token. If the keys do not match, the token becomes invalid, leading to authentication errors.
* Secret keys are securely stored through environment variables, and you can select them from a **list of secrets** in a dropdown menu for easy configuration.

<figure><img src="https://3583334649-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FdrfsCZXcXll5UVMF1xCv%2Fuploads%2FRUsw7YBMXRwDt4SXlfSj%2Fsecret_key_in_auth_section.png?alt=media&#x26;token=a074bd37-33f2-43db-8227-8f9a11bc21f8" alt="Configure secrets key in auth configuration"><figcaption><p>Configure secrets key in auth configuration</p></figcaption></figure>

#### Fields (Token Payload Validation):

* Specify the fields that should be present inside the token (payload).
* When the token is decoded, these fields are checked to ensure the request is valid.
* If the required fields are missing, the system will return an "unauthorized" error for each request.

<figure><img src="https://3583334649-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FdrfsCZXcXll5UVMF1xCv%2Fuploads%2FeZ7h9GTZdeMd3h1GPNo8%2Ffield_in_auth_section.png?alt=media&#x26;token=54a24eca-0707-4cfd-b7c9-eaa03ff24c7c" alt="Configure Fields in Auth section for token"><figcaption><p>Configure Fields in Auth section for token validation</p></figcaption></figure>

#### Error Message Customization:

* You can configure a custom error message to be returned in the response if:
  * The token is invalid.
  * The token cannot be authenticated for other reasons.
* This allows you to provide user-friendly error messages.

<figure><img src="https://3583334649-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FdrfsCZXcXll5UVMF1xCv%2Fuploads%2FtIQMHkgSc7CQahLpfK3j%2Ferror_message_in_auth_section.png?alt=media&#x26;token=27237fb6-dac5-4d65-92d2-93df3a2436bc" alt="Configure error message in auth configuration"><figcaption><p>Configure error message in Authentication configuration</p></figcaption></figure>

### Authentication for API endpoints <a href="#authenticate-for-endpoints" id="authenticate-for-endpoints"></a>

This section explains how to configure real-time authentication for your API endpoints.

#### Step 1: Create a Login, Signup, or Magic Link Logic

We have published a blog on [how to create magic link logics](https://fireapis.com/blog/how-to-implement-magic-link-logic-1/). Check it out for reference.

1. **Define Input Payload**: Start by creating a login, signup, or magic link login flow that accepts an input payload with the user's email.
2. **Process User Details**: Add actions to process the user details for the given email. These actions will handle validation and fetching user-specific data.
3. **Generate Token**: Create an action to generate a token. The token should include `user_id` and `user_email` as its payload.

#### Step 2: Configure Authentication Settings

1. **Navigate to Auth Tab**:
   * Go to the "Auth" tab in the platform.
   * Configure the secret key using the secrets manager. This key should be the same as the one used during token generation.
2. **Add Fields**:
   * Specify fields such as `user_id` and `user_email`.
   * Define error messages for scenarios where the token is invalid or expired.
3. **Save Configuration**:
   * Save these configurations to complete the authentication setup.

#### Step 3: Enable Authentication for API Endpoints

1. **Table CRUD Endpoints**:
   * Navigate to the "Tables" section and select any table to view its details.
   * Locate the **Is Authenticate Endpoint** toggle.
   * Enable this toggle to validate the token for every request. If a token is not passed, it will be considered invalid.
2. **Logic Endpoints**:
   * To enable authentication for logic APIs, follow the same process.
   * Navigate to the logic details and toggle the **Is Authenticate Endpoint** option.
   * When enabled, all requests to the logic endpoints must include a valid authentication header containing the token.

By following the above steps, you can configure token-based authentication for your API endpoints and ensure secure access to your resources.
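The checks that Steps 1 to 3 configure, written out as an added example (not FireAPIs' own code). It assumes the token is an HS256-signed JWT sent as a `Bearer` header, which the page does not state; the function names, the `exp` claim, and the error text are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

# Assumed settings mirroring the Auth tab: required fields and one custom error message.
REQUIRED_FIELDS = ("user_id", "user_email")
ERROR_MESSAGE = "Unauthorized: invalid or expired token"  # constructed text

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(secret: bytes, signing_input: str) -> bytes:
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def generate_token(payload: dict, secret: bytes, ttl: int = 3600) -> str:
    """Step 1: sign the payload with the secret (HS256 is an assumption)."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps({**payload, "exp": int(time.time()) + ttl}).encode())
    return f"{header}.{body}.{_b64(_mac(secret, header + '.' + body))}"

def authenticate(auth_header, secret: bytes):
    """Step 3: return (True, payload) or (False, ERROR_MESSAGE)."""
    try:
        # Accept "Bearer <token>" or a bare token; a missing header fails below.
        token = (auth_header or "").split(" ")[-1]
        header, body, sig = token.split(".")
        # Pin the algorithm instead of trusting what the token claims.
        if json.loads(_unb64(header)).get("alg") != "HS256":
            raise ValueError("unexpected algorithm")
        # Constant-time compare; a different secret produces a different MAC.
        if not hmac.compare_digest(_mac(secret, header + "." + body), _unb64(sig)):
            raise ValueError("signature mismatch")
        payload = json.loads(_unb64(body))
        if payload.get("exp", 0) < time.time():
            raise ValueError("expired")
        if any(field not in payload for field in REQUIRED_FIELDS):
            raise ValueError("required field missing")
        return True, payload
    except (ValueError, TypeError, AttributeError):
        # Same message for every failure, so the response does not reveal which check failed.
        return False, ERROR_MESSAGE
```

The payload is only parsed after the signature check passes, so the field and expiry checks never run on data the secret key has not vouched for.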
