# Authentication

{% hint style="info" %}
You need to have a **Business** or **Enterprise** plan to be able to use our API. [Check out our pricing page for more info.](https://www.colossyan.com/pricing)
{% endhint %}

Colossyan's API is using [Bearer Authentication](https://swagger.io/docs/specification/v3_0/authentication/bearer-authentication/). This means, that every request has to be authenticated by sending the token in the `Authorization` header pre-pended by the text `Bearer` . See the example below:

```javascript
const response = await fetch(`${api}/video-generation-jobs`, {
  method: "POST",
  headers: {
    Authorization: `Bearer ${token}`, // Authentication
    "Content-Type": "application/json",
  },
  body: JSON.stringify(job),
});
```

You can create or find your existing tokens at the bottom of the **Workspace details** tab [in the Settings page](https://app.colossyan.com/settings).

<figure><img src="https://55465428-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F2Ywi5dAVPQ3D5ZEo1sKj%2Fuploads%2FOthFFQ5yd3gE7afBKHyH%2Fapikey%20(1).gif?alt=media&#x26;token=a191a66b-48a2-4f96-a530-b46a5e7ddb5b" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
Each token belongs to a specific workspace. This is where are the generated videos that you create through the API will be listed. To keep things tidy, it is recommended to create a specific workspace for each use-case for the API.
{% endhint %}