Authentication

The recommended authentication method with the Penneo API is OAuth 2.0

Our OAuth 2.0 implementation has two authentication methods:

1. The Authorization Code Grant is suited for integrations with user interaction. It allows for multiple different Penneo users to login via SSO or Penneo credentials.
2. The API Keys Grant is suited for headless, fully automated integrations, which don't have any user interaction.

You can use our PHP SDKs or build a custom integration.

Alternative Authentication methods

If for some reason the OAuth-based authentication flows don't meet the requirements of your application, you can use one of our legacy authentication methods instead:

• Web Services Security
• JSON Web Tokens

Please note that the use of these is not recommended. If you prefer to use them regardless, we'd be keen to learn more about your reasoning. Please don't hesitate to share via our Support Center.