# Authenticating

## Client ID and client secret

All requests to the API must be authenticated using a bearer token. You can get a bearer token
by authenticating with the API using your client ID and client secret. You can get your client ID
and client secret from the Spense Portal at https://app.spensepay.com/

It's important to note that each client/customer requires their own API credentials, and needs to
be generated for every client/customer that you have. For partners with a high volume of clients/customers
it is possible to automate much of this onboarding process. Please contact for more details.

## Getting a bearer token

To get a bearer token, you need to make a POST request to the `/auth/token` endpoint with your client ID
and client secret.

## Using the bearer token

Once you have the bearer token, you can use it to authenticate with the API by including it in the
`Authorization` header of your requests.