> ## Documentation Index
> Fetch the complete documentation index at: https://api.amlyze.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Access & Security

> Access to the API service is secured through a multi-layer approach: network-level IP Access Control Lists (ACL) and application-level Token Authorization. Both mechanisms are required for successful requests.

## IP Access Control (ACL)

Your server's specific IP address(es) must be explicitly authorized to communicate with the API.

* **Provisioning**: Your IP addresses are added to the ACL during the onboarding process.
* **Updates**: To add or remove IP addresses after onboarding, you must contact Support.

## Authorization (API Token)

Once network access is granted via the ACL, you must authorize your requests using an API token.

* **Provisioning**: Your unique API token is issued to you during the onboarding process.
* **Header Format**: All requests must include the HTTP Authorization header using the Bearer schema.
* **Updates**: If you need to generate a new token or revoke an existing one, please contact Support.

<Warning>
  Your API token carries full administrative privileges. Keep it secure. Never share your secret token in publicly accessible areas such as GitHub repositories, client-side code, or public forums.
</Warning>

<RequestExample>
  ```bash Authorized Request theme={null}
  curl --request POST \
    --url /amlyze-ws-rest/customer \
    --header "Authorization: Bearer sup3r_s3cr37_@pi_|<3y_3x4mpl3" \
    --data '{...}'
  ```
</RequestExample>

<ResponseExample>
  ```json Unauthorized Response (401) theme={null}
  {
    "error": {
      "code": "unauthorized"
    }
  }
  ```
</ResponseExample>
