# App + user token

Use this approach if you want an access token to have app + user context. In this case, EmbedFAST will retrieve user identification from the token and use it for authentication and authorization (access control and validation).

{% hint style="info" %}
**Note:** 

* The EmbedFAST Admin API **requires** this approach.
* The EmbedFAST User (Client) API can use this approach if authentication and authorization are integrated with Microsoft Entra ID.
  {% endhint %}

1. Log into [Postman](https://www.postman.com/).
2. Go to the **Workspaces** tab > **My Workspace**.<br>

   <figure><img src="/files/LFrSca5wXITLIjYmU10Z" alt=""><figcaption></figcaption></figure>
3. Click on the **+** icon next to the **Overview** tab to create a new request.

<figure><img src="/files/XZO4CbI6BV4t2sivKdNi" alt=""><figcaption></figcaption></figure>

4. This will take you to a new request page.

<figure><img src="/files/cMOfO0IKinITLU8e4OGe" alt=""><figcaption></figcaption></figure>

5. Click on the **Authorization** tab below the entry field.

<figure><img src="/files/Yr1YzVJl8Ktov02CptcL" alt=""><figcaption></figcaption></figure>

6. From the drop-down menu next to **Type**, select **OAuth 2.0**.

<figure><img src="/files/IBF81Jtu8N5GllUDaYXJ" alt=""><figcaption></figcaption></figure>

7. Add parameters under the **Configure New Token** section as detailed in the table below:

<figure><img src="/files/toTQkoDtZs5Qw5QcN98F" alt=""><figcaption></figcaption></figure>

| **Parameters**        | **Inputs**                                                                       |
| --------------------- | -------------------------------------------------------------------------------- |
| Token Name            | Create and enter a token name                                                    |
| Grant Type            | Select **Implicit**                                                              |
| Callback URL          | **<https://oauth.pstmn.io/v1/browser-callback>**                                 |
| Auth URL              | **<https://login.microsoftonline.com/\\><Your-Tenant-ID>/oauth2/v2.0/authorize** |
| Client ID             | Enter the client ID of the EmbedFAST API's app registration                      |
| Scope                 | Enter the scope added in the EmbedFAST API's app registration                    |
| State                 | Leave this blank                                                                 |
| Client Authentication | **Send as basic Auth header**                                                    |

{% hint style="info" %}
**Reminder:** Ensure that the callback URL is added as a redirect URI in the app registration for the EmbedFAST API, as detailed in [previous sections](/embedfast-technical-documentation/setting-up/post-deployment/add-the-redirect-uris.md).
{% endhint %}

8. Click on **Get New Access Token** after entering the parameters detailed above.<br>

<figure><img src="/files/DORWrU2C2FMhEmEzPG8V" alt=""><figcaption></figcaption></figure>

9. A dialog box will appear which confirms the completion of the authentication.\ <br>

<figure><img src="/files/Xb6SvX1ZgnT4zdHC1LrA" alt=""><figcaption></figcaption></figure>

10. You can copy the access token from the page shown below.<br>

    <figure><img src="/files/boTL4SXvrYyG7VJ8ksKK" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://maqsoftware.gitbook.io/embedfast-technical-documentation/setting-up/post-deployment/generate-a-token-using-postman/app-+-user-token.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.