# Authorization & Authentication Evia Sign API uses OAuth 2.0 (Authorization Code Flow) to provide secure access, ensuring that only authorized users and applications can interact with the API. This method allows applications to obtain an access token that must be included in all API requests for authentication. To securely interact with the Evia Sign API, you’ll need to authenticate your application using **OAuth 2.0 Authorization Code Flow**. ## What is a Base URL? The **Base URL** is the root address that serves as the entry point for all Evia Sign API requests. You will append specific endpoints to this base to interact with different API features (e.g., sending documents, managing signatories, tracking signatures). **Base URL**: `https://evia.enadocapp.com/_apis/sign` ## Authentication Method: OAuth 2.0 (Authorization Code Flow) Evia Sign uses **OAuth 2.0**, specifically the **Authorization Code Flow**, which is one of the most secure methods for authorizing access to an API. Here’s a quick breakdown of how it works: 1. **App Registration** Before initiating the authentication flow, the third-party application must be registered in Evia Sign.\ Upon successful registration, you will receive the following: * **Client ID** – A unique identifier for the application. * **Client Secret** – A confidential key used for secure token exchange. {% hint style="info" %} These credentials uniquely identify and authorize your app. {% endhint %} 2. **Request Authorization Code** Use the Evia Sign authorization URL, including the required parameters, to request an authorization code. 3. **Authorization Code Issued** If the request is valid, Evia Sign returns an authorization code. 4. **Token Exchange** Use the authorization code, along with your Client ID and Client Secret, to call Evia Sign’s token endpoint and exchange it for an access token. 5. **Authenticated Requests** Once the access token is received, include it in the `Authorization` header to make authenticated requests to the Evia Sign API. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sign.enadocapp.com/evia-sign-api/v2/authorization-and-authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.