> ## Documentation Index
> Fetch the complete documentation index at: https://docs.neuronsearchlab.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Secure access to NeuronSearchLab APIs and SDKs.

NeuronSearchLab offers two authentication methods:

* **SDK Credentials** — OAuth 2.0 client credentials for direct API access via the SDK. Best for production integrations.
* **API Keys** — Simple Bearer tokens for the Platform API and server-side console automation. See the [API Keys guide](/guides/api-keys) for details.

This page covers SDK credential setup. Follow these practices to protect your integration.

## Create SDK credentials

<Steps>
  <Step title="Open SDK Credentials">
    Visit [Console -> SDK Credentials](https://console.neuronsearchlab.com/security).
  </Step>

  <Step title="Create a client">
    Click **New client** and provide a descriptive name per application or environment.
  </Step>

  <Step title="Store the generated secret">
    Download the generated **Client ID** and **Client Secret**. Store the secret in a secure vault and never ship it to browsers or mobile apps.
  </Step>
</Steps>

## Exchange credentials for an access token

Use the client credentials to request a short-lived access token.

```bash theme={null}
curl -X POST https://auth.neuronsearchlab.com/oauth2/token \
  -H "Authorization: Basic <base64(client_id:client_secret)>" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials"
```

Tokens default to a 60-minute lifetime. Cache them server-side, compute an `expires_at` timestamp from `expires_in`, and refresh proactively to avoid downtime.

## Authenticate SDK requests

Obtain an access token using the client credentials grant, then pass it to the SDK:

### JavaScript / TypeScript

```ts theme={null}
import NeuronSDK from '@neuronsearchlab/sdk';

const sdk = new NeuronSDK({
  baseUrl: 'https://api.neuronsearchlab.com/v1',
  accessToken: '<your_access_token>',
});
```

### PHP / Laravel

```php theme={null}
<?php

use NeuronSearchLab\NeuronSDK;

$sdk = new NeuronSDK([
    'baseUrl' => 'https://api.neuronsearchlab.com/v1',
    'accessToken' => '<your_access_token>',
]);
```

Both SDKs retry transient errors with exponential backoff. You are responsible for refreshing the access token before it expires (tokens default to 60 minutes) and updating the client:

* JavaScript: `sdk.setAccessToken(newToken)`
* PHP: `$sdk->setAccessToken($newToken)`

## Protect secrets in production

* Scope clients per environment (staging, production) to limit blast radius.
* Rotate credentials regularly using your secrets manager.
* Audit token usage through the console activity logs.

For endpoint-specific authentication details, refer to the [Core API introduction](/api-reference/introduction), the [JavaScript SDK](/sdk/introduction), or the [PHP SDK](/sdk/php).
