# Getting Started with the Apono API

### Overview

Welcome to the Apono Public API reference! This guide will help you start integrating Apono into your workflows. Using the API, you can easily create Access Flows, add Integrations, create and manage access requests, export activity logs, and more.

### Getting Started

All API requests are made over HTTPS and must be authenticated. Responses are returned in JSON format.

### Authentication

Apono’s API uses token-based authentication. To authenticate, include the following header in each request:

```json
Authorization: Bearer <your-api-token>
```

If authentication is not provided or fails, a 401 "Unauthorized" response will be returned.

```json
HTTP/1.1 401 Unauthorized

{
    "status": "401",
    "code": "Unauthorized"
}
```

You can create and manage your **API tokens** on the API Tokens page of your Apono app or user portal. Refer to API Authentication for step-by-step instructions on generating your API tokens.

### Base URL

All requests should be made to the following base URL:

```http
https://api.apono.io/api/
```

### Headers

Include the following headers with all API calls:

```json
Content-Type: application/json
Authorization: Bearer <your-api-token>
```

### OpenAPI Specification

For teams that want to integrate Apono’s API into internal tools, generate client SDKs, or validate request structures, we provide a full OpenAPI (Swagger) spec.

[View the OpenAPI spec](https://github.com/apono-io/terraform-provider-apono/blob/main/internal/v2/api/openapi.json)

*(You can import this directly into tools like Postman, Insomnia, or Swagger UI.)*

### Support

Need help? Reach out to us at <support@apono.io>

### Next Steps

* [Generate an API Token](https://docs.apono.io/api-reference/api-overview/api-authentication)
* [Explore the Full API Reference](https://docs.apono.io/api-reference/apono)
* [Reference Integration-Specific Configuration Metadata](https://docs.apono.io/api-reference/api-overview/broken-reference)