> ## Documentation Index
> Fetch the complete documentation index at: https://docs.openlight.tech/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Authenticate requests with an OpenLight API token

OpenLight Public API requests use bearer token authentication. Create an API token in OpenLight, store it securely, and send it in the `Authorization` header.

```bash theme={null}
curl https://app.openlight.tech/api/creator/v1/brands \
  -H "Authorization: Bearer $OPENLIGHT_API_TOKEN" \
  -H "Accept: application/json"
```

API tokens inherit the role permissions of the account that created them. Seller and operator tokens can only access authorized seller resources. Creator tokens can only access creator-side resources available to that creator.

If a token is missing, expired, invalid, or does not have permission for the requested resource, the API returns a structured error response with an HTTP status code.
