# API Authentication

Authenticating against the API requires the generation of a Bearer Token against a “bootstrap” URL.

```sh

curl --location 'https://bootstrap.swiftyrx.dev/oauth/token/' \
--form 'username="<username>"' \
--form 'grant_type="password"' \
--form 'password="<password>"'

```

An example response would be:

```json

{
   "access_token": "ZbYQlivo27y537O89F074p2HfOh5A5",
   "expires_in": 36000,
   "token_type": "Bearer",
   "scope": "openid",
   "refresh_token": "opu0wFWWmirHDCtewCuVYLz7TCJYbr"
}

```

From there, you authenticate against the API using the access_token as a Bearer token as follows:

```sh

curl -X 'GET' \
  'https://acme.swiftyrx.dev/api/swifty/1/prescriptions?page=1&results_per_page=10&deep=false' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer ZbYQlivo27y537O89F074p2HfOh5A5'

```