# Authentication overview

## Authentication server <a href="#overview-watchtogetherauthenticationserver" id="overview-watchtogetherauthenticationserver"></a>

The Watch Together Authentication server has two parts, the first one is hosted in the Media Server Cluster (MSC), the customer enclave, and the second is hosted by you in your data center/cloud.

![](/files/-Lrnwj48IBFpe9CAnGNv)

This architecture will allow you to apply and integrate your own logic for supplying valid token to the clients and apply your own security standards.

### Authentication flow <a href="#overview-authenticationflow" id="overview-authenticationflow"></a>

In order to make requests to the MSC Authentication service, you require API \_KEY and API\_SECRET, both of which you get by logging in to your private area - [Private area](https://media.sceenic.co/).

![Authentication flow](/files/-MK9vJKmQkFOzI-d9dA_)

{% hint style="info" %}
**Please note**:&#x20;

* Tokens are only valid for a specific session and the JWT token describes the connection details
* Tokens are generated only once and therefore need to be persisted on the **CustomerAuthServer**
* For two clients to be able to connect to the same session the clients must have exactly the same JWT token
  {% endhint %}

## Customer authentication server <a href="#customer-authentication-server" id="customer-authentication-server"></a>

As we require that Clients will not directly request tokens from our Authentication service (CAS) we would like to suggest an authentication flow for your backend.

In this flow, we suggest a way to create a backend service that will be hosted on your side and will allow different clients to connect by sharing a `TokenID`.

![Customer authentication server - suggested flow](/files/-MO0wQRISKeEbRbcxJA1)

## Authentication API reference <a href="#overview-authenticationapireference" id="overview-authenticationapireference"></a>

Follow this [link](/watch-together-sdk/sscale-confluence-api-references/cluster-authentication-service-reference-cas-2.md) to see the Authentication API reference.

## Support <a href="#overview-support" id="overview-support"></a>

Need technical support? contact us at <Support@sceenic.co>.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://documentation.sceenic.co/watch-together-sdk/sscale-confluence-overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.