# Authentication

This group refers to endpoints related to authentication.

## Get all Permissions

> Retrieves all resources that the passed authentication token is currently\
> authorized to access. Nomenclature matches the API reference page in settings.\
> \
> This is an API configuration endpoint and does not correspond to a specific frontend page.<br>

```json
{"openapi":"3.0.3","info":{"title":"API V2","version":"v2"},"tags":[{"name":"Authentication","description":"This group refers to endpoints related to authentication."}],"servers":[{"url":"https://api.managebac.com","description":"CA ManageBac API server."},{"url":"https://api.managebac.cn","description":"CN ManageBac API server."},{"url":"https://api.us.managebac.com","description":"US1 ManageBac API server."},{"url":"https://api.managebac.us","description":"US2 ManageBac API server."},{"url":"https://api.managebactest.com","description":"UAT ManageBac API server."},{"url":"https://{Host}","variables":{"Host":{"default":"api.devel.managebac.com","enum":["api.devel.managebac.com","api-faria.devel.managebac.com","api.managebac.dev"]}}}],"security":[{"bearerAuth":[]},{"authTokenQuery":[]},{"authTokenHeader":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","scheme":"bearer","description":"OAuth 2.0 Bearer token obtained via client credentials grant. Pass the token in the Authorization header as `Bearer <token>`."},"authTokenQuery":{"type":"apiKey","name":"auth_token","in":"query","description":"Your V2 API authentication token may be passed in the parameters. To protect your key, use [environment variables](https://cloud.google.com/docs/authentication/api-keys#securing_an_api_key)."},"authTokenHeader":{"type":"apiKey","name":"auth-token","in":"header","description":"Your V2 API authentication token may be passed in the header. To protect your key, use [environment variables](https://cloud.google.com/docs/authentication/api-keys#securing_an_api_key)."}},"schemas":{"AuthPermissionsResponse":{"type":"object","properties":{"permissions":{"type":"array","items":{"type":"string"}}}}}},"paths":{"/v2/auth/permissions":{"get":{"summary":"Get all Permissions","operationId":"listTokenResources","tags":["Authentication"],"description":"Retrieves all resources that the passed authentication token is currently\nauthorized to access. Nomenclature matches the API reference page in settings.\n\nThis is an API configuration endpoint and does not correspond to a specific frontend page.\n","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthPermissionsResponse"}}}}}}}}}
```

## Obtain an Access Token

> Obtain an OAuth 2.0 access token using the Client Credentials grant.\
> Pass your application's \`client\_id\` and \`client\_secret\` along with\
> \`grant\_type=client\_credentials\`. Optionally request a subset of the\
> scopes configured on the application. The returned Bearer token can\
> then be used in the \`Authorization\` header for all other API endpoints.<br>

```json
{"openapi":"3.0.3","info":{"title":"API V2","version":"v2"},"tags":[{"name":"Authentication","description":"This group refers to endpoints related to authentication."}],"servers":[{"url":"https://api.managebac.com","description":"CA ManageBac API server."},{"url":"https://api.managebac.cn","description":"CN ManageBac API server."},{"url":"https://api.us.managebac.com","description":"US1 ManageBac API server."},{"url":"https://api.managebac.us","description":"US2 ManageBac API server."},{"url":"https://api.managebactest.com","description":"UAT ManageBac API server."},{"url":"https://{Host}","variables":{"Host":{"default":"api.devel.managebac.com","enum":["api.devel.managebac.com","api-faria.devel.managebac.com","api.managebac.dev"]}}}],"security":[],"paths":{"/oauth/token":{"post":{"summary":"Obtain an Access Token","operationId":"createOAuthToken","tags":["Authentication"],"description":"Obtain an OAuth 2.0 access token using the Client Credentials grant.\nPass your application's `client_id` and `client_secret` along with\n`grant_type=client_credentials`. Optionally request a subset of the\nscopes configured on the application. The returned Bearer token can\nthen be used in the `Authorization` header for all other API endpoints.\n","parameters":[],"responses":{"200":{"description":"Token issued successfully","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OAuthTokenResponse"}}}},"400":{"description":"Invalid scope requested","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OAuthTokenError"}}}},"401":{"description":"Invalid client credentials","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OAuthTokenError"}}}}},"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/OAuthTokenRequest"}}}}}}},"components":{"schemas":{"OAuthTokenResponse":{"type":"object","properties":{"access_token":{"type":"string","description":"The Bearer token (JWT) to use in the Authorization header."},"token_type":{"type":"string","enum":["Bearer"],"description":"Always `Bearer`."},"expires_in":{"type":"integer","description":"Token lifetime in seconds."},"scope":{"type":"string","description":"Space-separated list of granted scopes."},"created_at":{"type":"integer","description":"Token creation timestamp (Unix epoch)."}},"required":["access_token","token_type","expires_in","scope","created_at"]},"OAuthTokenError":{"type":"object","properties":{"error":{"type":"string","description":"Error code."},"error_description":{"type":"string","description":"Human-readable error message."}},"required":["error","error_description"]},"OAuthTokenRequest":{"type":"object","properties":{"grant_type":{"type":"string","enum":["client_credentials"],"description":"The OAuth 2.0 grant type. Only `client_credentials` is supported for server-to-server API access."},"client_id":{"type":"string","description":"The `client_id` (Application ID) of your OAuth application."},"client_secret":{"type":"string","description":"The `client_secret` of your OAuth application."},"scope":{"type":"string","description":"A space-separated list of scopes to request. Must be a subset of the scopes configured on the application. If omitted, all scopes defined on client creation will be granted."}},"required":["grant_type","client_id","client_secret"]}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://guide.fariaedu.com/integrations-portal/managebac/public-rest-apis/v2/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.