In this article you will find authorization related basic concepts used in the documentation.

CKEditor Cloud Services have a few authorization methods, each of them is suited for a given communication way. To find more detailed information, please check linked articles.

The diagram below show what authorization methods are available and where given operations needs to be performed.

Where specific secrets are used.

# API Secret

An API secret is a secret used to generate a signature for requests made to the REST API.

It is also used to verify webhooks requests.

API secrets can be managed managed through the CKEditor Customer Dashboard, or through the Management Panel in case of On-premises installations.

# Access Key

An Access Key is a key used to generate signed tokens.
Access Keys are generated in the CKEditor Customer Dashboard or in the Management Panel in case of On-premises installations.

Authorization paths.

# Token endpoint

An endpoint created by a customer which returns token. It needs to be created by customers and placed in the customers application. Thanks to that, a customer has a full ability to control the user data and privileges sent.

You can read more about token endpoint in the Token endpoint article.

# Token

It is returned from a Token endpoint. In a payload it contains all user data and roles and permissions of the user to a given document. Based on a sub property of the token, the usage of the application is billed.

You can read more about tokens and its generation in a dedicated section.