# Authentication

For authentication static tokens are used. Static tokens are institution specific and never expire, making them ideal for server-to-server communication.
You can request a static token by emailing us at [kontakt@edtelligent.de](mailto:kontakt@edtelligent.de).
There are two ways to pass it to the API: in the request's `Authorization Header` or via the `access_token` query parameter.

## Authorization Header

Authorization: Bearer <token>

## Query Parameter

?access_token=<token>