---
title: "Authentication | Grafana Cloud documentation"
description: "Overview of the authentication process to make use of the Grafana Incident JSON/HTTP RPC API"
---

> For a curated documentation index, see [llms.txt](/llms.txt). For the complete documentation index, see [llms-full.txt](/llms-full.txt).

# Authentication

To access the Grafana Incident [JSON/HTTP RPC API](/docs/grafana-cloud/alerting-and-irm/irm/reference/incident-api/get-started), you will need to create a **Service Account** and a **Service account token** from the **Administration** section in the sidebar.

> Note
> 
> You do not need to create a service account token for the [Incoming](/docs/grafana-cloud/alerting-and-irm/irm/integrations/custom-integrations/incoming-webhooks) and [Outgoing](/docs/grafana-cloud/alerting-and-irm/irm/integrations/custom-integrations/outgoing-webhooks) webhooks.

> Learn more about [Service accounts and tokens](/docs/grafana/latest/administration/service-accounts/) in the **Administration** documentation.

## Get a service account token

An Admin user can generate a service account token through the Grafana web interface:

1. [Create a dedicated Service account](/docs/grafana/latest/administration/service-accounts/#create-a-service-account-in-grafana) for API access. It is recommended that you create a service account for each application.
2. Give it the `Editor` role, so it is able to take action.
3. [Add a token to the service account](/docs/grafana/latest/administration/service-accounts/#to-add-a-token-to-a-service-account) so the API can act on behalf of that account.
4. Copy the token to your clipboard, and use it when making API calls.

## Use the service account token

You will need to make HTTP requests with the following header:

http ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy

```http
Authorization: Bearer glsa_HOruNAb7SOiCdshU9algkrq7F...
```

When using one of the [official client libraries](/docs/grafana-cloud/alerting-and-irm/irm/reference/incident-api/client-libraries), you can provide this programmatically through environment variables or a secret manager.