# Authentication

{% hint style="info" %}
You can use HTTP Basic Authentication if you are an Administrator with a username and password (non-SSO).

To check if you are an Administrator, go to `My profile > Organisation settings > Administrators`.
{% endhint %}

## Administrator Basic Authentication

## POST /v1/login

> Starts a session given a username/password and puts it into a cookie.

```json
{"openapi":"3.0.3","info":{"title":"Lenses API","version":"6.1"},"tags":[{"name":"Lenses_HQ_API_other"}],"security":[{"Lenses_HQ_API_bearerAuth":[]},{"Lenses_HQ_API_cookieAuth":[]}],"components":{"securitySchemes":{"Lenses_HQ_API_bearerAuth":{"type":"http","scheme":"bearer","description":"The bearer token can be obtained by creating a ServiceAccount.\n"},"Lenses_HQ_API_cookieAuth":{"type":"apiKey","in":"cookie","name":"session_id","description":"On successful SAML/SSO login, the API will set a cookie with a session id.\n"}},"schemas":{"Lenses_HQ_API_LoginRequest":{"type":"object","description":"Bundles a username/password for authentication purposes.","properties":{"username":{"type":"string"},"password":{"type":"string"}},"required":["username","password"]}}},"paths":{"/v1/login":{"post":{"description":"Starts a session given a username/password and puts it into a cookie.","operationId":"login","requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Lenses_HQ_API_LoginRequest"}}}},"responses":{"204":{"description":"Happy response. A set-cookie header will be present."}},"tags":["Lenses_HQ_API_other"]}}}}
```

## Service Accounts

Use a Bearer Token to authenticate service accounts. Set the token in the HTTP header request.

```bash
# EXAMPLE
# Get the list of environments via API
curl https://lenses.example.com/api/v1/environments \
  -H 'Authorization: Bearer MY_SERVICE_ACCOUNT_KEY'
```