> ## Documentation Index
> Fetch the complete documentation index at: https://docs.adullam.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

# Adullam Authentication Overview

Adullam uses **phone + password** to issue short‑lived **Bearer** access tokens. Use **Get access token** to obtain a token and **Rotate access token** to replace it with a new one.

* **[Get access token](/api-reference/authentication/get-access-token)** — Exchange phone and password for an access token via `POST /v1/auth/token`. Use the token in the `Authorization: Bearer …` header (or `x-auth`) for all other API calls.
* **[Rotate access token](/api-reference/authentication/rotate-access-token)** — Replace the current token with a new one via `POST /v1/auth/rotate`. The previous token is invalidated. Use rotation periodically or after a suspected compromise.

## Flow

1. **Get token**: `POST /v1/auth/token` with `phone` and `password`. Response includes the access token. Phone must match the pattern for Côte d'Ivoire (e.g. `+22507123456`).
2. **Call APIs**: Send `Authorization: Bearer YOUR_TOKEN` (or `x-auth: YOUR_TOKEN`) on every request to payments, transfers, and account.
3. **Rotate** when needed: `POST /v1/auth/rotate` with the current token in the header; use the new token from the response.

## Support

<Note>
  Need help? Contact us by **email** ([support@adullam.dev](mailto:support@adullam.dev)), **WhatsApp** ([chat](https://wa.me/0103961828)), or **Telegram** ([@adullam\_official](https://t.me/adullam_official)).
</Note>
