> ## Documentation Index
> Fetch the complete documentation index at: https://openchat-api-docs.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Learn how to authenticate the copilot's API calls to your backend

Sometimes, your APIs might have some endpoints that require authentication. For example, you might want to restrict access to certain endpoints to only users that are logged in, and in order for the copilot to
know who is logged in, you need to send some sort of token with your copilot requests.

Currently, we support simple JWT authentication, and API tokens.

## Dynamic Authentication via the widget

When you embed the copilot in your app, you can pass the authentication token to the copilot by using the `headers` prop.

```javascript
    initAiCoPilot({
        ...
        headers: {
            Authorization: "Bearer your_auth_token_goes_here",
            AnyToken: "AnyValue"
        },
        ...
    });
```

as you see, as long as you pass the token in the `headers` prop, the copilot will send it with every request it makes to your API.

## Authentication via the backend (from the dashboard)

This option is useful if you want to use the copilot in a public website, and you don't want to expose your authentication token to the public, or if you want to use the copilot in a mobile app, and you don't want to hardcode the authentication token in the app.
It's also very useful for testing purposes.

In order to use this option, you need to go to the dashboard, and navigate to the "Copilot Settings" tab, and then scroll down to the "Global variables/headers" section.

<video autoPlay muted loop playsinline className="w-full aspect-video" src="https://mintlify.s3-us-west-1.amazonaws.com/openchat-api-docs/images/auth.mp4" />
