# Authentication

ABSTRACT
To access the SalesTim API, a valid Azure Active Directory access token is required. This article explains how to get it, as a user or as an application.


TABLE OF CONTENTS


# Supported access tokens

The SalesTim API expects a valid access token in the HTTP Authorization request header with a bearer token such as:

{
  "Authorization": "bearer <JWT_TOKEN>"
}

SalesTim supports access tokens (opens new window) retreived from the following OAuth 2.0 grant flows:

# Access on behalf of a user (authorization code flow)

Reference: Get access to the Microsoft Graph on behalf of a user (opens new window)

# Access without a user (client credentials flow)

Reference: Get access to the Microsoft Graph without a user (opens new window)

classification:PUBLIC