# App-only token

Use this approach if you want an access token to have app-only context. In this case, EmbedFAST will use an app-only token for authentication and retrieve user identification from the ‘embedfast-user-id’ header parameter to use for authorization (access control and validation).

{% hint style="info" %}
**Note:** 

* The EmbedFAST Admin API **does not** support this approach.
* The EmbedFAST User (Client) API can use this approach if you need to integrate with any available authentication providers.
  {% endhint %}

1. Log into [Postman](https://www.postman.com/).
2. Go to the **Workspaces** tab > **My Workspace**.<br>

   <figure><img src="/files/LFrSca5wXITLIjYmU10Z" alt=""><figcaption></figcaption></figure>
3. Click on the **+** icon next to the **Overview** tab to create a new request.

<figure><img src="/files/XZO4CbI6BV4t2sivKdNi" alt=""><figcaption></figcaption></figure>

4. This will take you to a new request page.

<figure><img src="/files/cMOfO0IKinITLU8e4OGe" alt=""><figcaption></figcaption></figure>

5. Click on the **Authorization** tab below the entry field.

<figure><img src="/files/Yr1YzVJl8Ktov02CptcL" alt=""><figcaption></figcaption></figure>

6. From the drop-down menu next to **Type**, select **OAuth 2.0**.

<figure><img src="/files/IBF81Jtu8N5GllUDaYXJ" alt=""><figcaption></figcaption></figure>

7. Add parameters under the **Configure New Token** section as detailed in the table below:

<figure><img src="/files/toTQkoDtZs5Qw5QcN98F" alt=""><figcaption></figcaption></figure>

| **Parameters**        | **Inputs**                                                                    |
| --------------------- | ----------------------------------------------------------------------------- |
| Token Name            | Create and enter a token name                                                 |
| Grant Type            | Select **Client Credentials**                                                 |
| Access Token URL      | **<https://login.microsoftonline.com/\\><Your-Tenant-ID>/oauth2/v2.0/ token** |
| Client ID             | Enter the client ID of the EmbedFAST API's app registration                   |
| Client Secret         | Enter the client secret of the EmbedFAST API's app registration               |
| Scope                 | **api://\<Client-ID>/.default**                                               |
| Client Authentication | **Send as basic Auth header**                                                 |

{% hint style="info" %}
**Reminder:** Ensure that the callback URL is added as a redirect URI in the app registration for the EmbedFAST API, as detailed in [previous sections](/embedfast-technical-documentation/setting-up/post-deployment/add-the-redirect-uris.md).
{% endhint %}

8. Click on **Get New Access Token** after entering the parameters detailed above.<br>

<figure><img src="/files/DORWrU2C2FMhEmEzPG8V" alt=""><figcaption></figcaption></figure>

9. A dialog box will appear which confirms the completion of the authentication.\ <br>

<figure><img src="/files/Xb6SvX1ZgnT4zdHC1LrA" alt=""><figcaption></figcaption></figure>

10. You can copy the access token from the page shown below.<br>

    <figure><img src="/files/boTL4SXvrYyG7VJ8ksKK" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://maqsoftware.gitbook.io/embedfast-technical-documentation/setting-up/post-deployment/generate-a-token-using-postman/app-only-token.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.