# Authentication

Nuvio API uses token-based authentication, allowing users to authenticate API requests by inputting their tokens into the HTTP authorization bearer token header.&#x20;

All API requests must be authenticated and made through HTTPS. Any request that doesn't include a Bearer Token will return an error.

Example:

```sh
curl https://app.nuvio.io/v1/{method} -H
"Authorization: Bearer YOUR_TOKEN"
```

## Get your Access Token

You can generate an API access token from <mark style="color:orange;">`Nuvio Settings -> Company Settings -> Developers`</mark> tab at any time.

{% hint style="warning" %}
**Be careful:** Access tokens belongs to company workspaces, not to users. Any company admin user can create a new access token and that token will continue to serve as long as it is not deleted, **even though the user who created the token is not an active user anymore.**
{% endhint %}

{% hint style="warning" %}
Please be sure to keep your API access tokens secure! Do not share them in emails, chat messages, client-side code or publicly accessible sites.

If you have accidentally shared an API access token publicly, you can revoke it in the Developer tab under Nuvio Platform's company settings.
{% endhint %}

## Scopes

API access tokens serve within the granted scope only. You can select the API scopes while creating your API access token on Nuvio Dashboard.

For example, to add a new income or expense to Nuvio via API, the token must have the <mark style="color:orange;">`WRITE`</mark> scope. Check the [**Scopes**](#scopes) page to learn more which scope grants access to which resources / endpoints.

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://developers.nuvio.io/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.