> ## Documentation Index > Fetch the complete documentation index at: https://www.cashfree.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Authorize > Use this API to authenticate with the Cashfree system and obtain the authorization bearer token. All other API calls must have this token as Authorization header in the format 'Bearer ' (without quotes) for them to get processed. **URLs**
* Production/Live: [https://payout-api.cashfree.com/payout/v1/authorize](https://payout-api.cashfree.com/payout/v1/authorize) * Sandbox/Test: [https://payout-gamma.cashfree.com/payout/v1/authorize](https://payout-gamma.cashfree.com/payout/v1/authorize) If you do not have a static IP, you can generate a public key and pass it with the API request. To generate a public key, 1. Go Payouts Dashboard > **Developers** section on the left-side navigation > **Payouts** > **Two-Factor Authentication** > **Public Key**. 2. Click **Generate Public Key**. The public key will be downloaded to your computer and the password to access it will be your email ID registered with Cashfree Payments. Only one Public Key can be generated at a time. Below are the steps to generate your signature: 1. Retrieve your clientId (one which you are passing through the header X-Client-Id ) 2. Append this with CURRENT UNIX timestamp separated by a period (.) 3. Encrypt this data using RSA encrypt with Public key you received - this is the signature. 4. Pass this signature through the header X-Cf-Signature. In the case of using our library, go through the libraries section. During the initialization process, you need to pass the key as a parameter. ```php PHP theme={"dark"} "; $publicKey = openssl_pkey_get_public(file_get_contents("/path/to/certificate/public _key.pem")); $encodedData = $clientId.".".strtotime("now"); return static::encrypt_RSA($encodedData, $publicKey); } private static function encrypt_RSA($plainData, $publicKey) { if (openssl_public_encrypt($plainData, $encrypted, $publicKey, OPENSSL_PKCS1_OAEP_PADDING)) $encryptedData = base64_encode($encrypted); else return NULL; return $encryptedData; } ?> ``` ```java Java theme={"dark"} private static String generateEncryptedSignature(String clientIdWithEpochTimestamp) { // String clientIdWithEpochTimeStamp = clientId+"."+Instant.now().getEpochSecond(); String encrytedSignature = ""; try { byte[] keyBytes = Files .readAllBytes(new File("/Users/sameera/Downloads/payout_test_public_key.pem").toPath()); // Absolute Path to be replaced String publicKeyContent = new String(keyBytes); System.out.println(publicKeyContent); publicKeyContent = publicKeyContent.replaceAll("[\\t\\n\\r]", "") .replace("-----BEGIN PUBLIC KEY-----", "").replace("-----END PUBLIC KEY-----", ""); KeyFactory kf = KeyFactory.getInstance("RSA"); System.out.println(publicKeyContent); X509EncodedKeySpec keySpecX509 = new X509EncodedKeySpec( Base64.getDecoder().decode(publicKeyContent)); RSAPublicKey pubKey = (RSAPublicKey) kf.generatePublic(keySpecX509); final Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding"); cipher.init(Cipher.ENCRYPT_MODE, pubKey); encrytedSignature = Base64.getEncoder().encodeToString(cipher.doFinal(clientIdWithEpochTimestamp.getBytes())); System.out.println(encrytedSignature); } catch (Exception e) { e.printStackTrace(); } return encrytedSignature; } ``` ```python Python theme={"dark"} from cashfree_sdk.payouts import Payouts // Initialise the SDK, pass public key for dynamic IP Payouts.init("", "", "PROD", public_key= b'public key') ``` ```javascript Node theme={"dark"} //require CashfreeSDK const cfSdk = require('cashfree-sdk'); //access the PayoutsSdk from CashfreeSDK const {Payouts} = cfSdk; // Instantiate Cashfree Payouts const payoutsInstance = new Payouts({ env: 'TEST', clientId: '', clientSecret: '', pathToPublicKey: '/path/to/your/public/key/file.pem', //"publicKey": "ALTERNATIVE TO SPECIFYING PATH (DIRECTLY PASTE PublicKey)" }); ``` ## OpenAPI ````yaml post /payout/v1/authorize openapi: 3.0.0 info: title: Payouts version: 3.0.0 servers: - url: https://payout-api.cashfree.com description: Production - url: https://payout-gamma.cashfree.com description: Sandbox security: - {} paths: /payout/v1/authorize: post: summary: Authorize description: >- Use this API to authenticate with the Cashfree system and obtain the authorization bearer token. All other API calls must have this token as Authorization header in the format 'Bearer <token>' (without quotes) for them to get processed. The generated token is valid for 6 minutes. operationId: authorize-2 parameters: - name: X-Cf-Signature in: header description: Signature to be sent if IP is not whitelisted. required: false style: simple explode: false schema: type: string - name: X-Client-Secret in: header description: Client Secret key required: true style: simple explode: false schema: type: string - name: X-Client-Id in: header description: Client ID required: true style: simple explode: false schema: type: string responses: '200': description: '200' content: application/json: schema: $ref: '#/components/schemas/inline_response_200_10' '401': description: '401' content: application/json: schema: $ref: '#/components/schemas/inline_response_401' deprecated: false security: [] components: schemas: inline_response_200_10: type: object properties: status: type: string example: SUCCESS message: type: string example: Token is valid subCode: type: string example: '200' inline_response_401: type: object properties: status: type: string example: ERROR subCode: type: string example: '401' message: type: string example: Invalid clientId and clientSecret combination ````