# Authentication To ensure secure transactions on HotWax's platform, all applications connecting with the HotWax API require authentication when making API requests. The primary method of authentication employed is **Bearer token authentication**. ## Bearer Token Authentication Bearer token authentication utilizes security tokens. After a successful login request, the server generates a secret string known as a bearer token. When making requests for protected resources, the user must include the token in the authorization header. ## How to generate a bearer token Hotwax Commerce relies on robust security features provided by JWT (JSON Web Token) to ensure a safe and trustworthy API communication environment. This mechanism guarantees user authenticity, authorizes their actions, and maintains data integrity through digital signatures. To create JWT, follow these steps: 1. Create a unique user from [users.hotwax.io](https://users.hotwax.io/) by using integration template or assign the integration permissions. 2. Make sure that Reset Password on Login is unchecked. 3. Navigate to the Hamburger menu in OMS: `https://{instanceName}.hotwax.io/` 4. Access the Settings option and choose `Create JWT Token`. 5. Input the user ID.It will display only the users having integration permissions. 6. Token Configuration:\*\* * Define the validation period. * Specify the purpose of the token. 7. Click `Create`, and the resulting JWT token will be displayed in the dedicated section. 8. Copy Token and use it to build connection ## Authentication Endpoint Sample endpoint: `https://.hotwax.io//login` ## APIs Requiring Authentication The following HotWax APIs require an authentication token: 1. `updateInventory` For more information about Bearer token authentication, refer to this [video](https://youtu.be/n-IFlWGX1t4). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.hotwax.co/documents/integrate-with-hotwax/hotwax-commerce-api-and-data-feeds/initial-api-authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.