.. _authentication-authorization-label:
Authentication and Authorization
================================

Authentication and Scopes
*************************

Each endpoint listed on the `API Documentation`_ contains information
about the type of authentication required and the required scope to call
that endpoint.

These two bits of information will tell you **how** you need to sign your
token and what are the necessary scopes in order to successfully do this
call.

The example below explicits on this should be checked.

.. image:: /images/authorization-type-scopes.png

Authorization
*************

The way we define if someone (or a token) can do something
is by using scopes.

Whenever we create a token on Loadsmart, we define which scopes
this intermediary (or integrator) will have access to. This will
be defined based on the project we define together and that makes
sense to be given.

The scope management is transparent, meaning that you don't need to
do anything on your side. Loadsmart's API will determine the scopes
you have and compare against the required ones, automatically.

If you can't do a call to one of the endpoints because you have a missing
scope, talk to our team so we can establish what is necessary scopes you
need or might be missing.

.. _API Documentation: https://developer.loadsmart.com/api/index.html