---
title: "Authentication"
url: "https://docs.unified.to/concepts/glossary/authentication"
description: "Unified.to documentation"
generated_at: "2026-05-21T18:12:26.976Z"
---
# Glossary: Authentication[Glossary](/concepts/glossary)

**Authentication** is the process of verifying the identity of a client, such as an end user, application, or device. It answers the question "Who are you?"

These are the most common ways a client can authenticate itself with an API:

* **API key:** The client provides an API key — a simple text string — as proof of its identity.
* **API key + secret:** This is a more secure variant of API key authentication, where the client provides both an API key and a secret to authenticate itself. Like the API key, the secret is also a text string, but it is known only to the client. The API applies some transformation to the secret — usually hashing — in order to confirm that it is valid.
* **OpenID Connect (OIDC):** An authentication protocol built on the OAuth 2 authorization protocol and used in conjunction with it. In OIDC, the clientsend credentials to an OAuth 2 authorization server to confirm its identity. If successful, the authorization server sends the client an ID token, which acts as proof that the client has been authenticated.