# Authentication **Authentication & Authorization Endpoints** Essential API endpoints for secure authentication and authorization with the Flux network. These endpoints handle login phrase generation, message signing verification, and session management for all supported wallet types including SSP Wallet, ZelCore, MetaMask, and WalletConnect integrations. **Key Features:** - Multi-wallet authentication support - Secure login phrase generation - Cryptographic signature verification - Session token management - 5-tier permission system integration ## Obtain login phrase - [GET /id/loginphrase](https://docs.runonflux.io/fluxapi/authentication/loginphrase.md): Obtain valid Login Phrase for signing into Flux. Login Phrase is at least 40 characters, first 13 characters is server timestamp and is valid for 15 minutes. ## Login into Flux - [POST /id/verifylogin](https://docs.runonflux.io/fluxapi/authentication/verifylogin.md): Login into Flux by submitting correct ZelID, login phrase and signature. Note that to get the signature of the signed message you would need to do the signing on Zelcore or your BTC wallet or your ETH wallet. If success status response is returned, we can use the supplied data(zelid, loginPhrase, signature) as zelauth header as part of api calls that require a user to be logged in. Additionally it is possible to listen for a response on websocket. ws://{Flux_IP}:16127/ws/id/{loginPhrase}. ## Provide Signature - [POST /id/providesign](https://docs.runonflux.io/fluxapi/authentication/providesign.md): Provide requested signature from signed message to return data. ## Logs out a specific session - [POST /id/logoutspecificsession](https://docs.runonflux.io/fluxapi/authentication/logoutspecificsession.md): Logs out a specific session. Requires the knowledge of a session loginPhrase and so users level is sufficient and user cannot logout another user as he does not know the loginPhrase. Admin can logout any specific session. ## Obtain login phrase - [GET /id/loginphrase](https://docs.runonflux.io/fluxapi/id/loginphrase.md): Obtain valid Login Phrase for signing into Flux. Login Phrase is at least 40 characters, first 13 characters is server timestamp and is valid for 15 minutes. ## Login into Flux - [POST /id/verifylogin](https://docs.runonflux.io/fluxapi/id/verifylogin.md): Login into Flux by submitting correct ZelID, login phrase and signature. Note that to get the signature of the signed message you would need to do the signing on Zelcore or your BTC wallet or your ETH wallet. If success status response is returned, we can use the supplied data(zelid, loginPhrase, signature) as zelauth header as part of api calls that require a user to be logged in. Additionally it is possible to listen for a response on websocket. ws://{Flux_IP}:16127/ws/id/{loginPhrase}. ## Provide Signature - [POST /id/providesign](https://docs.runonflux.io/fluxapi/id/providesign.md): Provide requested signature from signed message to return data. ## Logs out a specific session - [POST /id/logoutspecificsession](https://docs.runonflux.io/fluxapi/id/logoutspecificsession.md): Logs out a specific session. Requires the knowledge of a session loginPhrase and so users level is sufficient and user cannot logout another user as he does not know the loginPhrase. Admin can logout any specific session.