# Authentication

To authenticate requests to the MarketingBlocks API, you must use an Access Token. This token is a secure key that identifies and authorizes your client or application when making API calls. You can obtain your token from the API Tokens Page. If you don't already have one, you’ll need to generate it from that page.

🔑 Token Structure and Usage Access Tokens are permission-based: When generating a token, you must select one or more permissions (e.g., social-read-posts, social-create-post, etc.). The token will only be valid for API endpoints that match the selected permissions.

* Token lifespan:
  * Tokens can be created to never expire (long-lasting), or
  * The creator can specify a custom expiration (e.g., 7 days).
* Once expired, the token becomes invalid and cannot be used to authenticate requests.

Rate Limiting: All access tokens are subject to a rate limit of 100 requests per second. Exceeding this limit may result in temporary throttling or rejection of requests.

📥 Request Headers Every API request must include the following header:

```
Authorization: Bearer YOUR-API-TOKEN
```

Replace `YOUR-API-TOKEN` with the actual token you generated.

⚠️ Error Handling All successful API responses will return an HTTP status code 200. In the event of an error, the API will respond with:

* An appropriate HTTP status code (e.g., 400, 401, 403, 429, etc.)
* A JSON payload describing the error and the reason for failure.

Example error response:

```json
{
  "status": false,
  "message": "Access token has expired or is invalid."
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.marketingblocks.ai/agentic-ai-docs/api-reference/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.