# Authentication

## Access Levels

ReceiptHero API has two access levels:

1. Partner Application general access
2. User specific resource access

## Partner App general access

To acces any endpoint partner app must include ReceiptHero API key in every request in custom HTTP header:

```
RECEIPTHERO_APIKEY <partner applications api key>
```

## User specific resource access

To access any resource that is owned by ReceiptHero user partner application must add OAuth access token to Http Authorization header:

```
HTTP_AUTHORIZATION Bearer <oauth bearer token>
```

! This access token is user specific so every user has different access token