# Authentication
## Authentication
`POST` `https://next.cloudio.io/v1/auth`
This endpoint allows you to authenticate a service account
#### Headers
| Name | Type | Description |
| -------------- | ------ | ---------------------------------------------------------------------------------- |
| Content-Type | string | application/json |
| Authentication | string | Authentication token
JS e.g. `Token ${btoa(`${username}:${password}`)}`
|
#### Request Body
| Name | Type | Description |
| ---- | ------ | ------------- |
| body | string | Empty body {} |
{% tabs %}
{% tab title="200 User successfully authenticated" %}
```javascript
{
"orgUid": "cloudio",
"sessionId": "e5f5593b-3b19-4be0-921b-2c4fd3528425",
"userName": "steve",
"displayName": "Steve",
"emailAddress": "name@cloudio.io",
"csrf": "29f567c3-b2b7-4097-b478-52651b3ba91c",
"jwt": "eyasehfoiR5cCI6IkpXVCJ9.eyJzZXNzaW9uIjoiZTVmNT98W4KJSNS00YmUwLTkyMWItM_sample_jwt_iY3NyZiI6IjI5ZjU2N2MzLWIyYjctNDA5Ny1iNDc4LTUyNjUxYjNiYTkxYyIsIm9yZ191aWQiOiJjbG91ZGlvIn0.9KGI7odTQ2XrXhKASHFKJASsdglr1cqvceykv962UWMjEwAg",
"status": "OK"
}
```
{% endtab %}
{% tab title="403 Invalid username and/or password" %}
```javascript
{
"code": 403,
"status": "ERROR",
"title": "Access Denied",
"message": "Access Denied - Invalid username and/or password!"
}
```
{% endtab %}
{% endtabs %}
#### Sample Request
{% code overflow="wrap" %}
```javascript
const resp = await fetch("https://next.cloudio.io/v1/auth", {
method: "POST",
headers: {
Authorization: "Token c3RoYWXXXXXXXXW5pdnQ=",
"Content-Type": "application/json",
},
body: "{}",
});
const json = await resp.json();
```
{% endcode %}
{% hint style="info" %}
csrf & jwt values in the response must be passed by the client application in all the subsequent authenticated REST API calls.
{% endhint %}
{% hint style="success" %}
**Note:** The client application will have access to the datasources that are assigned to the roles accessible to the connected user.
{% endhint %}