> ## Documentation Index
> Fetch the complete documentation index at: https://docs.medwrite.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# API Authentication

> API key and bearer token for MedWrite API access

API access uses two credentials together:

* **API Key** Identifies the integrating system. Provided by the medWrite team during onboarding and sent as a request header.
* **Bearer Token** Identifies the authenticated user. Obtained by calling the login endpoint with valid user credentials and the API key. The token is then sent in the `Authorization` header on all subsequent requests.

The login endpoint returns a bearer token and an expiration timestamp. The integrating system should track expiry and re-authenticate before the token expires to avoid interruption.

A validation endpoint is available to check whether a token is still valid without making a data request.

<Note>
  For the login endpoint, credentials, and API key, contact the **medWrite team**.
</Note>

## Best practices

* Store tokens securely; never expose them in client-side code or logs.
* Do not share tokens across user sessions.
* Re-authenticate proactively when the token is close to expiry.

## Next steps

<Columns cols={2}>
  <Card title="Embedded Authentication" icon="shield" href="/api-reference/embedded-authentication">
    Embed MedWrite in your EHR.
  </Card>

  <Card title="Get Approved Outputs" icon="file-check" href="/get-approved-outputs">
    Retrieve approved letters (FHIR Bundle).
  </Card>
</Columns>