# DailyPay API Access Overview

DailyPay adheres to the [OAuth 2.0 RFC 6749](https://datatracker.ietf.org/doc/html/rfc6749) and [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) specifications. This document will walk you through the steps to get an access token your application can use to make requests to the DailyPay Public REST API.

We support the following methods:

- [Authorization Code Flow](/guides/auth/authorization-code-flow): This method is suitable when access to resources requires user consent, facilitating user consent and enabling your application to perform actions on their behalf.
> For instance, retrieve [account details](/developer-resources/documentation/accounts/listaccounts) or initiate a [transfer](/developer-resources/documentation/transfers/createtransfer).
- [Client Credential Flow](/guides/auth/client-credentials-flow): This method is suitable for server-to-server operations, where additional levels of user consent may not be required.
> For instance, you can utilize the [Organizations endpoint](/developer-resources/documentation/organizations/readorganization) to view connected employer organizations.


## Before You Begin

### 1. Register your Application

Your DailyPay contact will ask you to provide

- a callback url that can receive the code result of the OAuth 2.0 authorization code flow
- links to your privacy policy and terms of service
- optionally, a logo for use on the OAuth consent screen


details
summary
OpenID Connect (OIDC)
- For additional security, you may be asked to provide DailyPay with a JSON Web Key Set (JWKS) or url for retrieving your JWKS to utilize signed OIDC requests.


### 2. Configure

p
DailyPay will provide configuration values for your application:
ul
li
code
client_id
li
code
client_secret
, if applicable
li
code
scope
a list of scopes your application can request, which may include "offline_access" and "openid"
li
code
redirect_uri
 the registered callback url you provided