The authentication is done from the perspective of a trader/end-user. Meaning that our system is expecting Log-in/Authentication credentials from a previously Signed-up user account.

There are three ways a trader can be authenticated. You must include a grant_type parameter (string) in the request which defines the authentication method. The authentication endpoint currently supports the following grant types:

grant_type	Description
`password`	Manual trader authentication method. Correct user email and password combination must be provided in order to authenticate an end-user.
`refresh_token`	Refresh access token that lasts for 24 hours. Can be passed to the Trade Widget `refreshToken` parameter to automatically log in your end-user to Coinify's Trade Widget (See Trade Widget Section). Part of the Frictionless Log-in flow .*
`offline_token`	Offline token (part of frictionless Sign-up/Log-in flow)**

In order to obtain an access_token, you must authenticate yourself using one of the authentication methods.

When a successful authentication has been performed, you will receive an access_token and a refresh_token as exemplified in the response to the right (click on the "200 - Result" to see a successful API response). You must pass this access token in the Authorization header parameter to communicate with most Trade API endpoints.