# Authentication

{% hint style="success" %}
To ensure secure access, all requests to the Subscription API require an **Authorization** token. This token is unique for each subscription and must be included in the header of every API call. Here's how to authenticate your requests:
{% endhint %}

## **Getting Your Subscription API Token**

After you create a subscription in the Flash web app, a unique **Subscription API token** is automatically generated. You can always retrieve this token from the subscription edit screen. Make sure not to confuse this with the global API token—each subscription has its own token.

<figure><img src="/files/ygEywunQlrcrRvZJurCp" alt=""><figcaption></figcaption></figure>

***

## **How to Include the Token in Your Requests**

For every API request, the token must be included in the **Authorization** header, formatted as follows:

```graphql
Authorization: Bearer <Your-Subscription-API-Token>
```

Make sure to replace `<Your-Subscription-API-Token>` with the actual token you've obtained from the Flash web app.

**Token Example**

Here’s an example of how to structure your Authorization header in a typical API request:

```http
POST https://api.paywithflash.com/v1/get_user_subscription_details
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cC...
Content-Type: application/x-www-form-urlencoded
```

***

## **Error Handling**

* If the token is **missing** or **invalid**, you will receive a `401 Unauthorized` error.
* For expired tokens, you will get a `Token has expired` message.

### **Common Authentication Errors**

* **401 Unauthorized:** Occurs when the token is invalid, missing, or expired.
* **Invalid Token Format:** Ensure that the token is sent as `Bearer <token>` and is properly formatted.

## **Sample Request With Authentication**

```bash
curl -X POST https://api.paywithflash.com/v1/get_user_subscription_details \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cC..." \
-d "email=user@example.com&flash_id=12345"
```

***

## **Important Notes:**

* Never share your Subscription API token publicly.
* Make sure to use the correct subscription token for each individual subscription.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.paywithflash.com/products/editor/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.