# Authentication

{% hint style="info" %}
This is the short-form **technical reference** entry of the Bubble API authentication methods. If you are looking for more in-depth and long-form articles on how the Bubble API works, you may be interested in checking the [Bubble API manual](#manual-entries).
{% endhint %}

## Authenticating as an admin

Using an API Token gives a client full administrator access to your database. This means that privacy rules are ignored and the client gets the same access level that an admin gets in the Bubble editor.

To generate an API token go to Settings - API and click the ‘Generate a new API token’ button. This will generate a 32-character token consisting of a combination of numbers and letters. To use the token in an API request, include it in the Authorization header of the request as a bearer token:

```
Authorization: Bearer <token>
```

### **API Token Label**

The API Token Label field lets you give each API Token a descriptive name. The label is visible only in the Bubble editor and does not affect the Data API in any way.

### **Private Key**

This is the 32-character token used by the client to authenticate.

### **Regenerate private key**

Clicking this button will generate a new API token using the same label. Note that the new token will replace the old one. If you want to create an additional new token, use the ‘Generate a new API token’ button instead.

## Authenticating as a User

Authenticating as a User gives a client access to your database with the same privileges as that User has, as defined in the privacy rules.

To authenticate as a User, set up an API Workflow with a ‘Log the User in’ action. Bubble will return a token in the JSON that can be used for subsequent calls.

\
Manual entries
--------------

The Bubble manual gives extended information about Bubble's features and how to use them.

<details>

<summary>How to set up authentication in an external app</summary>

Bubble uses the *bearer token* *method* to authenticate the client in incoming API requests.\
\
Article: [How to set up authentication in an external app](https://manual.bubble.io/~/changes/zEDMkjAAhZbZaeeyXW5d/help-guides/integrations/api/the-bubble-api/authentication/how-to-authenticate)

</details>

<details>

<summary>The different Bubble API authentication methods</summary>

The Bubble API allows for different ways of authenticating the client in incoming API requests:\
\
Article: [Accessing the Bubble API without authentication](https://manual.bubble.io/~/changes/zEDMkjAAhZbZaeeyXW5d/help-guides/integrations/api/the-bubble-api/authentication/no-authentication)\
Article: [Accessing the Bubble API authenticated as a User](https://manual.bubble.io/~/changes/zEDMkjAAhZbZaeeyXW5d/help-guides/integrations/api/the-bubble-api/authentication/as-a-user)\
Article: [Accessing the Bubble API authenticated as an admin](https://manual.bubble.io/~/changes/zEDMkjAAhZbZaeeyXW5d/help-guides/integrations/api/the-bubble-api/authentication/as-an-admin)

</details>