> ## Documentation Index
> Fetch the complete documentation index at: https://docs.blobhub.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

## Overview

The WebSocket API uses the same authentication paradigm adopted by the [REST API](/rest-api).

## Using Native Headers

This method is consistent with [REST API](/rest-api) semantics.

### Bearer Token Authentication

In request headers:

```http theme={null}
GET /v1 HTTP/1.1
Host: realtime.blobhub.io
Authorization: Bearer <your_token_here>
```

### API Key-based Authentication

In request headers:

```http theme={null}
GET /v1 HTTP/1.1
Host: realtime.blobhub.io
X-API-Key: <your_api_key_here>
```

## Using `Sec-WebSocket-Protocol` Header

This syntax is supported to enable clients using JavaScript
[WebSockets API](https://html.spec.whatwg.org/multipage/comms.html#network).

### Bearer Token Authentication

In request headers:

```http theme={null}
GET /v1 HTTP/1.1
Host: realtime.blobhub.io
Sec-WebSocket-Protocol: authorization.bearer.base64, base64(<your_token_here>)
```

### API Key-based Authentication

In request headers:

```http theme={null}
GET /v1 HTTP/1.1
Host: realtime.blobhub.io
Sec-WebSocket-Protocol: x-api-key.base64, base64(<your_api_key_here>)
```

### Usage in JavaScript

Example web browser code:

```javascript theme={null}
const accessToken = "...";
const base64EncodedToken = btoa(accessToken);

var ws = new WebSocket(
  "wss://realtime.blobhub.io/v1", [
    "authorization.bearer.base64",
    base64EncodedToken
  ]
);
```
