# Authentication System Description (Auth)

## Description

Backend management interfaces adopt a multi-level authentication mechanism, commonly: **Public**, **User**, **Admin**, **Root**.

## Authentication Methods (Choose One)

### Session

Obtain Session via the login interface:

* `POST /api/user/login`

### Access Token (Recommended)

Carry in the request header:

```text
Authorization: Bearer {token}
```

Tokens can be generated in "Personal Settings - Security Settings - System Access Tokens".

## Required Request Headers

Some interfaces require carrying a user identification request header:

```text
New-Api-User: {user_id}
```

Where `{user_id}` must match the currently logged-in user.

## Permission Levels

* **Public**: No authentication required
* **User**: Requires login or Access Token
* **Admin**: Requires administrator privileges
* **Root**: Highest privilege