# Authentication The Sesame Data uses Basic Authentication, utilising a combination of a username and API tokens as passwords. Upon token generation, clients will receive their unique password. This password and their client-specific username are required as authentication when making requests.
UsernameA unique code belonging to each client. This will be available in the Sesame Data Experience
PasswordThe token which allows you to make requests. This is generated in the Sesame Data Experience
Additionally, the API provides support for IP whitelisting, enhancing data security by restricting authentication to a predefined list of IPs. This feature ensures that only authorised IPs can authenticate by presenting a valid token. You may also find it valuable to explore our tutorial on [using-sesame-data-with-postman](https://docs.landytech.com/sesame-data-v2/tutorials-recipes/using-sesame-data-with-postman "mention").
Tokens are your key to access your data similar to a password.authentication-api-token.pngcreate-and-manage-your-api-token
Use generated tokens to access to authenticate and have access to your data.authentication-how-authenticate.pnghow-to-authenticate
Increase the security by optionally enabling protection by IPs.authentication-ip-whitelisting.pngip-whitelisting