# Authentication & Authorization

{% hint style="warning" %}
Almost all API endpoints outside of this page require you to authenticate first.
{% endhint %}

First, generate a new session for your Lambda account. Once you have a session, you can access the other API endpoints.

## Generate a session for a given Lambda account

<mark style="color:green;">`POST`</mark> `/auth/login`

#### Request Body

| Name                                   | Type   | Description                          |
| -------------------------------------- | ------ | ------------------------------------ |
| ukey<mark style="color:red;">\*</mark> | String | User key given upon account creation |

{% tabs %}
{% tab title="200: OK Authenticated" %}

```json
{
    "success": true,
    "userFacingMessage": "<string>",
    "token": "<your authorization token>"
}
```

{% endtab %}

{% tab title="400: Bad Request Failed Authentication" %}

```json
{
    "success": false,
    "userFacingMessage": "<string>"
}
```

{% endtab %}
{% endtabs %}

A successful login returns a token. Next, validate that the token belongs to your Lambda account.

## Fetches the minimal authenticated user

<mark style="color:blue;">`GET`</mark> `/users/authenticated`

#### Headers

| Name                                            | Type   | Description                     |
| ----------------------------------------------- | ------ | ------------------------------- |
| Authorization<mark style="color:red;">\*</mark> | String | Your Lambda Authorization Token |

{% tabs %}
{% tab title="200: OK Authorized" %}

```json
{
    "success": true,
    "username": "<your username>",
    "rank": "<your rank>",
    "avatarUrl": "<your avatar URL>",
    "uid": "<your UID>"
}
```

{% endtab %}

{% tab title="403: Forbidden Unauthorized" %}

```json
{
    "success": false,
    "userFacingMessage": "<string>"
}
```

{% endtab %}
{% endtabs %}

You can now access the remaining API endpoints by passing your token in the `Authorization` header of each request.
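The two calls above as a small client, added here as an example (it is not Lambda's own code). It assumes the request body is JSON and that the token is sent as the bare `Authorization` value; `LambdaClient`, `start_stub` and the local stub server with its constructed key and token are hypothetical names and values so the flow runs offline.

```python
import json, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

class LambdaClient:
    def __init__(self, base_url):
        self.base_url, self._token = base_url.rstrip("/"), None
        self._opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # ignore proxy env vars

    def _call(self, method, path, body=None):
        headers = {"Content-Type": "application/json"}
        if self._token:
            headers["Authorization"] = self._token  # assumption: raw token, no scheme prefix
        data = json.dumps(body).encode() if body is not None else None
        req = urllib.request.Request(self.base_url + path, data=data, headers=headers, method=method)
        try:
            with self._opener.open(req, timeout=10) as resp:
                return resp.status, json.load(resp)
        except urllib.error.HTTPError as err:  # 400/403 still carry a JSON body
            return err.code, json.load(err)

    def login(self, ukey):
        status, body = self._call("POST", "/auth/login", {"ukey": ukey})  # assumption: JSON body
        if status != 200 or not body.get("success"):
            raise PermissionError(body.get("userFacingMessage", "login failed"))
        self._token = body["token"]  # kept in memory only; never log it

    def whoami(self):
        status, body = self._call("GET", "/users/authenticated")
        if status != 200 or not body.get("success"):
            raise PermissionError(body.get("userFacingMessage", "unauthorized"))
        return body

class _Stub(BaseHTTPRequestHandler):  # constructed stand-in for the API, for offline runs
    def _send(self, code, obj):
        self.send_response(code)
        self.end_headers()
        self.wfile.write(json.dumps(obj).encode())
    def do_POST(self):
        body = json.loads(self.rfile.read(int(self.headers["Content-Length"])))
        ok = self.path == "/auth/login" and body.get("ukey") == "constructed-ukey"
        self._send(200 if ok else 400, {"success": ok, "userFacingMessage": "demo", **({"token": "constructed-token"} if ok else {})})
    def do_GET(self):
        ok = self.headers.get("Authorization") == "constructed-token"
        self._send(200 if ok else 403, {"success": ok, **({"username": "demo-user"} if ok else {"userFacingMessage": "demo"})})
    def log_message(self, *args): pass  # keep the stub quiet

def start_stub():
    srv = HTTPServer(("127.0.0.1", 0), _Stub)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_port}"
```

Against the real API, construct `LambdaClient` with the service's HTTPS base URL and load the `ukey` from an environment variable or secret store rather than from source code.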
