# Authentication

## Governance

There are two methods for making an authenticated request to the Governance API. Select a tab below for instructions.

{% tabs %}
{% tab title="API key method" %}

1. Generate your API key on the **API Keys** tab on your profile page and save the API key somewhere secure.
2. You will pass this API key in the authorization header when you make a request, as illustrated in the example below:

   ```bash
   curl \
       --request GET \
       --header "Content-Type: application/json" \
       --header "Authorization: 846e9e43c86a4ct1be14290d95127d13f" \
       https://your-immuta-url.immuta.com/data/connection/123456789
   ```

{% endtab %}

{% tab title="Bearer token method" %}

1. Generate your API key on the **API Keys** tab on your profile page and save the API key somewhere secure.
2. Pass this API key in the authorization header and make the following request to the `authentication` endpoint:

   ```bash
   curl \
       --request POST \
       --header "Content-Type: application/json" \
       https://your-immuta-url.immuta.com/bim/apikey/authenticate \
       -d '{ "apikey": "YOUR_API_KEY" }'
   ```
3. You will receive a response that includes your bearer token. Pass that bearer token in the authorization header when you make a request, as illustrated in the example below:

   ```bash
   curl \
       --request GET \
       --header "Content-Type: application/json" \
       --header "Authorization: Bearer dea464c07bd07300095caa8" \
       https://demo.immuta.com/data/connection/123456789
   ```

{% endtab %}
{% endtabs %}

## Request app

The Request app API uses JWTs to match users with their tenants. The JWTs contain this metadata in the claims, which is required for the request context in the Request app API. See the [Request app API page](https://documentation.immuta.com/saas/developer-guides/marketplace-api#authentication) for instructions.