title: Azure App Configuration REST API - Authentication description: Reference pages for authentication using the Azure App Configuration REST API author: maud-lv ms.author: malev ms.service: azure-app-configuration ms.topic: reference ms.date: 08/17/2020
All HTTP requests must be authenticated. The following authentication schemes are supported.
HMAC authentication uses a randomly generated secret to sign request payloads. Details on how requests using this authentication method are authorized can be found in the HMAC authorization section.
Azure Active Directory (Azure AD) authentication utilizes a bearer token that is obtained from Azure Active Directory to authenticate requests. Details on how requests using this authentication method are authorized can be found in the Azure AD authorization section.