> For the complete documentation index, see [llms.txt](https://docs.aicrisk.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.aicrisk.com/api-overview/airisk-api-oauth2-authentication/tokens/generic-vs.-user-specific-tokens/example-usage-flow-reasons.md). # Example Usage Flow / Reasons * **Two-Step Authentication Process** * **Description**: You have an app using the remote AIRisk instance in which only admins / trusted persons use. * **Use Case / Needs**: * See Available Users * Select One & Authenticate as them * i.e. Impersonation * Access endpoints and/or switch user (authenticating) as needed * **Methodology** * First, use `CLIENT_ID` & `CLIENT_SECRET` from the local environment * Invoke the authentication process for a generic token and store that to be used as the bearer token (for now) * Have a local endpoint that calls the remote endpoint `/api/ListUsers`, collects the returned JSONdata, and then redirects to a "Select User" page, listing the available users names & ids * If having a `USER_ID` in the environment for example, you could have the form default to it * Common practice for this in `flask` would be to redirect to an endpoint for select\_user which, when called via a GET request renders the form page (with the form action pointing to the same URL), or when called via a POST request collecting the submitted form data from the same page and then redirecting as needed. * When a user is selected, set that as the active user id in the session and **invoke the authentication process again but this time also passing `userid={SELECTED_USER_ID}`** as respective parameter types for the respective Authentication endpoints. Then save the returned `access_token` as the active bearer token to use in the headers of future GET requests. * **Single-User App** * **Description**: You have an App with a custom interface and which interacts with a remote AIRisk project instance. You will be the only person running this program, and only will do so on your own secure device. * **Use Case / Needs** * Load `APIUser` related `CLIENT_ID` and `CLIENT_SECRET` from a `.env` file * Load `ApplicationUser` related `id` also from a `.env` file in which belongs to your user account * Assuming both of the above exist and are valid. * **Methodology** * Load from `.env` * Store the `USER_ID` environment variable as `userid` in the session / local memory for usage across views/pages. * Invoke the authentication process but include `userid` as a parameter for both respective endpoints (encoding it in the URL for the GET request to `/api/oauth2`. Passing as a parameter in the POST request to `/api/oauth2/Token`) * Use the access token as the bearer token across the app. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.aicrisk.com/api-overview/airisk-api-oauth2-authentication/tokens/generic-vs.-user-specific-tokens/example-usage-flow-reasons.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.