# Integration ## Introduction The API gateway can receive audio file, decode and return transcription. It also provides authenticate service that helps authenticate user account or protect your backend endpoints without provide your own implementation ![](https://gblobscdn.gitbook.com/assets%2F-Lrcu0SsVz57PAvvYvQX%2F-MO4KN8lz3r_KHz8aeZi%2F-MO4PbmDwdmH1cPeOA_H%2FUntitled%20drawing%20\(3\).png?alt=media\&token=6736a0b9-4411-4c98-a42b-c99aea52b7db) Flow of sending audio file to the API Gateway ![](https://gblobscdn.gitbook.com/assets%2F-Lrcu0SsVz57PAvvYvQX%2F-MO4PkE5IhNaHbV97ZoR%2F-MO4VQhoj3oYP8gJKtmn%2FUntitled%20drawing%20\(4\).png?alt=media\&token=113297b6-e907-4225-97b2-ebc96318792e) Flow of authenticate user and protect your backend endpoints With the help of API gateway, your backend delegates user authentication part to the API gateway and you don't need to implement your user authentication your own. See below steps for setup to get your app integrates with the API gateway. ## Register your app to the API gateway First login to [https://gateway-app.speechlab.sg](https://gateway-app.speechlab.sg/) -> Select **Applications** in the left sidebar -> Click **Create** to create your application. Type in your App name and click Save. If you're account has `admin` role, then you can select other `queue` for your app otherwise it'll default to `normal` queue. > Queue: all users registered through your app can only submit audio file to that queue > To check your account's role, hover your avatar at top right corner After creating, you'll receive your **app ID**, **app Secret** and a **public Key.** You should save these information for later use, note that **app secret** will be shown **only once** , so remember to save it. For Public Key you should download it. Next in your code, when you register new account or login with the API gateway you should provide your **App ID** and **App Secret.** See example below: ## Login from your app to the API Gateway `POST` `https://gateway.speechlab.sg/auth/login` #### Request Body | Name | Type | Description | | --------- | ------ | ------------------ | | email | string | Account's email | | password | string | Account's password | | appId | string | Application ID | | appSecret | string | Application Secret | {% tabs %} {% tab title="200 " %} ``` ``` {% endtab %} {% endtabs %} ## Register from your app to the API Gateway `POST` `https://gateway.speechlab.sg/auth/register` #### Request Body | Name | Type | Description | | --------- | ------ | ------------------ | | name | string | Username | | email | string | Account's email | | password | string | Account's password | | appId | string | Application ID | | appSecret | string | Application Secret | {% tabs %} {% tab title="200 " %} ``` ``` {% endtab %} {% endtabs %} ​After login, you'll receive an accessToken that is signed **only** to use for your app. Next time when your user try to use your resources, they need to provide it request header (**Authorization: Bearer \**). And when your user access your protected endpoints, you should verify them using the **Public Key** (which you got from the early step above). Base on your language (Python/NodeJS,...) you should use correct version of **jsonwebtoken** library to verify user Access Token using **Public Key.** Below are example using **jsonwebtoken** in NodeJS. ``` const jsonwebtoken = require('jsonwebtoken') const fs = require('fs') jsonwebtoken.verify('access token', fs.readFileSync('./path_to_public_key'), { ignoreExpiration: false, ignoreNotBefore: false, algorithms: ['RS256'], issuer: 'api gateway url which you are working with', // Eg: https://gateway.speechlab.sg audience: 'Your app ID', }) ``` > Access Token is signed using RS256 algorithm And after verification, if access token is valid, they will have permission to access your endpoints