From 28ceb56a516a074ee20cd14b6a3e9278eda781c4 Mon Sep 17 00:00:00 2001
From: Marco Piovanello <35533749+marcopiovanello@users.noreply.github.com>
Date: Mon, 13 Jan 2025 13:07:01 +0100
Subject: [PATCH] Updated Authentication methods (markdown)

---
 Authentication-methods.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/Authentication-methods.md b/Authentication-methods.md
index 349d02d..81a4679 100644
--- a/Authentication-methods.md
+++ b/Authentication-methods.md
@@ -53,4 +53,34 @@ Provide your `config.yml` to yt-dlp-webui:
 
 # or with docker
 docker exec --rm -d -p 3033:3033 -v <your_config_directory>:/conf ghcr.io/marcopeocchi/yt-dlp-web-ui:latest
+```
+
+## API Authentication
+
+About the API authentication: there's three methods to provide the token:
+- cookies: cookie named `jwt-yt-dlp-webui`
+- query params: `?token=yourjwttoken`
+- headers: `X-Authentication` header
+
+### How to obtain the token
+
+```
+curl -H "Content-Type: application/json" \
+  -X POST \
+  -d '{"username":"ciao","password":"ciaociao"}' \
+  http://localhost:3033/auth/login
+```
+where `http://localhost:3033` will be replaced with your ip/hostname.
+
+The JWT token will be returned in the response.
+
+### Execute requests with token
+
+As described before, with token or query params.  
+Here's an example using query params:
+```
+curl -H "Content-Type: application/json" \
+  -X POST \
+  -d '{"url": "http://some.video/1"}' \
+  http://localhost:3033/api/v1/exec?token=eyJhbGciOiJIUzI1NiIsInR5cC...
 ```
\ No newline at end of file