# API Authentication

The MBurger APIs offers 2 authentication providers:

* **project**: identifies a single project. This authentication is always requested while using API. It's based on a token header to add in every request.

To authenticate with the *project* provider the request **must include** the following headers:

| Header            | Description                                      |
| ----------------- | ------------------------------------------------ |
| X-MBurger-Token   | Your generated API key from the dashboard        |
| X-MBurger-Version | MBurger API version, actual version is now **3** |
| Accept            | application/json                                 |

* **mobile**: identifies a single user in a project. It's available only when the *users* feature is enabled and is

  based on JWT token header to add in every request.

To authenticate with the *mobile* provider the request **must include** the following headers:

| Header        | Description      |
| ------------- | ---------------- |
| Authorization | Bearer *JWT*     |
| Accept        | application/json |

The JWT token is obtained through the authentication API.

{% hint style="info" %}
If you are using Android or iOS, you will find open source SDKs in order to make mobile development easier. You can find more information for [iOS](https://github.com/Mumble-SRL/MBurger-iOS) and [Android](https://github.com/Mumble-SRL/MBurger-Android).
{% endhint %}