Mobile applications, third-party applications, and JavaScript components/widgets (storefront or admin) are the three main types of clients as seen by Magento. Though a client is basically everything communicating with our APIs, each type of client has a preferred authentication method.

Magento supports three types of authentication methods, listed as follows:

Token-based authentication is most suitable for mobile applications, where a token acts like an electronic key providing access to the Web API's. The general concept behind a token-based authentication system is relatively simple. The user provides a username and password during initial authentication ...