--- title: "Authentication options for the HTTP API | Grafana documentation" description: "You can authenticate HTTP API requests using basic authentication or a service account token." --- > For a curated documentation index, see [llms.txt](/llms.txt). For the complete documentation index, see [llms-full.txt](/llms-full.txt). # Authentication options for the HTTP APIs Authentication options depend on whether you’re using [Grafana on prem](#authentication-options-in-grafana-ossenterprise) or [Grafana Cloud](#authentication-options-in-grafana-cloud). To set up organizations, refer to the [X-Grafana-Org-Id header](#the-x-grafana-org-id-header) section. ## Authentication options in Grafana OSS/Enterprise You can authenticate HTTP API requests using basic authentication or a service account token. ### Basic auth This option is available in Grafana on prem only. Basic auth is enabled by default and allows you authenticate your HTTP request via standard basic auth. Basic auth also authenticates LDAP users. For example: Bash ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy ```bash curl http://admin:admin@localhost:3000/api/org {"id":1,"name":"Main Org."} ``` ### Service account token To create a service account token: 1. Go to **Administration** in the left-side menu 2. Click **Users and access > Service Accounts**. For more information on how to use service account tokens, refer to the [Service Accounts](/docs/grafana-cloud/security-and-account-management/authentication-and-permissions/service-accounts) documentation. You use the token in all requests in the `Authorization` header, for example: http ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy ```http GET http://your.grafana.com/api/dashboards/db/mydash HTTP/1.1 Accept: application/json Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk ``` The `Authorization` header value should be *`Bearer `* . ## Authentication options in Grafana Cloud To use the HTTP API provided by a Grafana Cloud instance, authenticate requests with a service account token. To access or create your service account tokens: 1. Go to **Administration** in the left-side menu 2. Click **Users and access > Service Accounts**. For details on creating service accounts, assigning permissions, and adding tokens, refer to [Service Accounts](/docs/grafana-cloud/account-management/authentication-and-permissions/service-accounts/). Include the service account token in the `Authorization` header for all requests to your Grafana instance: http ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy ```http GET http://your.grafana.com/api/dashboards/db/mydash HTTP/1.1 Accept: application/json Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk ``` Requests to the HTTP API are authenticated using the `Authorization` header: Bash ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy ```bash Authorization: Bearer ``` ## The X-Grafana-Org-Id header **X-Grafana-Org-Id** is an optional property that specifies the organization to which the action is applied. If not set, the created key belongs to the current context org. Use this header in all requests except those regarding admin. **Example Request**: http ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy ```http GET /api/org/ HTTP/1.1 Accept: application/json Content-Type: application/json X-Grafana-Org-Id: 2 Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk ```