# Authentication

To interact with the Fullwhere Partner API, you need to authenticate your requests using `X-API-KEY` and `X-API-SECRET`. These tokens are supplied as **Header parameters** in the request, ensuring that only authorized clients can access and manipulate data.

### Generating a token

{% hint style="info" %}
To create and manage API credentials, you must have an Admin access to your Fullwhere workspace.
{% endhint %}

**(1)** Log in to your Fullwhere account.

**(2)** Go to **Settings** > **Connectivity** > **Developers** tab.

**(3)** Click **Generate an API Key**.

**(4)** Enter an API Key Name and Description.

**(5)** Click **Create**.

**(8)** Copy your `API-KEY` and your `API-SECRET` — `API-SECRET` will only be displayed once.

**(9)** Confirm that you have saved it securely, then click **Continue**.

### Managing and deleting tokens

From the **Developer** tab, you can **manage** API tokens existing on your Fullwhere Account. Click on the pencil icon on the right to change the **name** or **description** of your API key.

Click the trash icon to **delete** an API key.

{% hint style="info" %}
Token deletion is irreversible. Any integration using a deleted token will stop working until a new one is generated and configured.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fullwhere.com/developer/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.