> ## Documentation Index
> Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Client API - Overview
> Learn how to use the Authsignal Client API to build custom authentication flows.
The Authsignal Client API can be used to perform challenges using different authentication methods and verify users.
This API is designed to be used if you're not using Authsignal's [pre-built UI](./../../implementation-options/prebuilt-ui/overview) and are building your own web or native app UI.
## Endpoint selection
Select the API endpoint which correlates with your tenant's region selection.
```bash US (Oregon) theme={null}
https://api.authsignal.com/v1/client
```
```bash EU (Ireland) theme={null}
https://eu.api.authsignal.com/v1/client
```
```bash AU (Sydney) theme={null}
https://au.api.authsignal.com/v1/client
```
```bash CA (Montreal) theme={null}
https://ca.api.authsignal.com/v1/client
```
## Authentication
The Authsignal Client API uses bearer authentication with a short-lived token obtained from the [Server API](/api-reference/server-api/track-action) or via a [Server SDK](/sdks/server).
### 1. Track an action
You should first [track an action](/api-reference/server-api/track-action) that represents what the user is doing (e.g. "signIn") and get a token which is valid for 10 minutes.
```ts Node.js theme={null}
const request = {
userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
action: "signIn",
};
const response = await authsignal.track(request);
const token = response.token;
```
```csharp C# theme={null}
var request = new TrackRequest(
UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
Action: "signIn"
);
var response = await authsignal.Track(request);
var token = response.Token;
```
```java Java theme={null}
TrackRequest request = new TrackRequest();
request.userId = "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833";
request.action = "signIn";
TrackResponse response = authsignal.track(request).get();
String token = response.token;
```
```ruby Ruby theme={null}
response = Authsignal.track({
user_id: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
action: "signIn",
})
token = response[:token]
```
```python Python theme={null}
response = authsignal.track(
user_id="dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
action="signIn",
)
token = response["token"]
```
```php PHP theme={null}
$response = Authsignal::track([
'userId' => "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
'action' => "signIn",
]);
$token = $response["token"];
```
```go Go theme={null}
response, err := client.Track(
TrackRequest{
UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
Action: "signIn",
},
)
token := response.Token
```
When tracking an action to enroll an authenticator, the scope `add:authenticators` must be
explicitly specified if the user is already enrolled with at least one authentication method.
Learn more about scopes for [authenticator binding](/advanced-usage/authenticator-binding).
### 2. Use bearer auth
This token can then be used to authenticate to the Client API using bearer auth.
```bash US (Oregon) theme={null}
curl https://api.authsignal.com/v1/client/user-authenticators \
-H "Accept: application/json" \
-H "Authorization: Bearer TOKEN_RETURNED_FROM_SERVER_API"
```
```bash EU (Ireland) theme={null}
curl https://eu.api.authsignal.com/v1/client/user-authenticators \
-H "Accept: application/json" \
-H "Authorization: Bearer TOKEN_RETURNED_FROM_SERVER_API"
```
```bash AU (Sydney) theme={null}
curl https://au.api.authsignal.com/v1/client/user-authenticators \
-H "Accept: application/json" \
-H "Authorization: Bearer TOKEN_RETURNED_FROM_SERVER_API"
```
```bash CA (Montreal) theme={null}
curl https://ca.api.authsignal.com/v1/client/user-authenticators \
-H "Accept: application/json" \
-H "Authorization: Bearer TOKEN_RETURNED_FROM_SERVER_API"
```
The authentication model is designed so you can call the Authsignal Client API directly from your web browser or mobile app (though you can also communicate via your backend where convenient).