# Auth

* You can configure authentication settings for each environment (e.g., development, production).
* These settings are specific to the environment you are working in.

#### Secret Key:

* The secret key is used to decode (parse) the token passed in the header of each request.
* The secret key must match the key used to generate the token. If the keys do not match, the token becomes invalid, leading to authentication errors.
* Secret keys are securely stored through environment variables, and you can select them from a **list of secrets** in a dropdown menu for easy configuration.

<figure><img src="/files/3B0WqED92liGqiod1i8d" alt="Configure secrets key in auth configuration"><figcaption><p>Configure secrets key in auth configuration</p></figcaption></figure>

#### Fields (Token Payload Validation):

* Specify the fields that should be present inside the token (payload).
* When the token is decoded, these fields are checked to ensure the request is valid.
* If the required fields are missing, the system will return an "unauthorized" error for each request.

<figure><img src="/files/BPyey3PTAhxsB95Bt1jy" alt="Configure Fields in Auth section for token"><figcaption><p>Configure Fields in Auth section for token validation</p></figcaption></figure>

#### Error Message Customization:

* You can configure a custom error message to be returned in the response if:
  * The token is invalid.
  * The token cannot be authenticated for other reasons.
* This allows you to provide user-friendly error messages.

<figure><img src="/files/VoZPExP1GnT049Hc930k" alt="Configure error message in auth configuration"><figcaption><p>Configure error message in Authentication configuration</p></figcaption></figure>

### Authentication for API endpoints <a href="#authenticate-for-endpoints" id="authenticate-for-endpoints"></a>

This section explains how to configure real-time authentication for your API endpoints.

#### Step 1: Create a Login, Signup, or Magic Link Logic

We have published a blog post on [how to create magic link logics](https://fireapis.com/blog/how-to-implement-magic-link-logic-1/). Check it out for reference.

1. **Define Input Payload**: Start by creating a login, signup, or magic link login flow that accepts an input payload with the user's email.
2. **Process User Details**: Add actions to process the user details for the given email. These actions will handle validation and fetching user-specific data.
3. **Generate Token**: Create an action to generate a token. The token should include `user_id` and `user_email` as its payload.

#### Step 2: Configure Authentication Settings

1. **Navigate to Auth Tab**:
   * Go to the "Auth" tab in the platform.
   * Configure the secret key using the secrets manager. This key should be the same as the one used during token generation.
2. **Add Fields**:
   * Specify fields such as `user_id` and `user_email`.
   * Define error messages for scenarios where the token is invalid or expired.
3. **Save Configuration**:
   * Save these configurations to complete the authentication setup.

#### Step 3: Enable Authentication for API Endpoints

1. **Table CRUD Endpoints**:
   * Navigate to the "Tables" section and select any table to view its details.
   * Locate the **Is Authenticate Endpoint** toggle.
   * Enable this toggle to validate the token for every request. If no token is passed, the request is treated as invalid.
2. **Logic Endpoints**:
   * To enable authentication for logic APIs, follow the same process.
   * Navigate to the logic details and toggle the **Is Authenticate Endpoint** option.
   * When enabled, all requests to the logic endpoints must include a valid authentication header containing the token.

By following the above steps, you can configure token-based authentication for your API endpoints and ensure secure access to your resources.

