In this article, you will find authorization-related basic concepts used in the documentation.

CKEditor Cloud Services have a few authorization methods, and each of them is suited for a given communication way. To find more detailed information, please check the linked articles.

The diagram below shows what authorization methods are available and where given operations need to be performed.

Where specific secrets are used.

# API Secret

An API secret is a secret used to generate a signature for requests made to the REST API.

It is also used to verify webhooks requests.

API secrets can be managed through the CKEditor Customer Dashboard, or through the Management Panel in case of On-premises installations.

# Access Key

An Access Key is a key used to generate signed tokens.
Access Keys are generated in the CKEditor Customer Dashboard or in the Management Panel in case of On-premises installations.

Authorization paths.

# Token endpoint

An endpoint created by a customer which returns a token. It needs to be created by customers and placed in the customers’ application. Thanks to that, a customer has the full ability to control the user data and privileges sent.

You can read more about the token endpoint in the Token endpoint guide.

# Token

It is returned from a Token endpoint. In the payload, it contains all user data and roles and permissions of the user to a given document. Based on a sub property of the token, the usage of the application is billed.

You can read more about tokens and their generation in a dedicated section.