> ## Documentation Index
> Fetch the complete documentation index at: https://docs.domino.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

## Methods

These are the authentication methods available when using the Domino Data API:

* **Credential propagation**: A token is periodically refreshed and stored in a file. The file location is defined in the **DOMINO\_TOKEN\_FILE** env variable

* **API Key**: If enabled, the user API key is exported in the **DOMINO\_USER\_API\_KEY** env variable

## Availability

<Note>
  Those methods are not available in all run types. The following table lists the availability for these methods.
</Note>

| Run type        | Who?    | Token | API Key |
| --------------- | ------- | ----- | ------- |
| Workspace       | Creator | Yes   | Yes     |
| Job             | Creator | Yes   | Yes     |
| Scheduled Job   | Creator | Yes   | Yes     |
| Launcher        | User    | Yes   | Yes     |
| App             | Creator | Yes   | Yes     |
| Domino endpoint | N/A     | No    | No      |

<Note>
  Anonymous users don’t have a token or API key, and are therefore not allowed to access data sources through public launchers automatically. If you still want to support anonymous execution, the launcher author would need to configure the launcher following the instructions in the [custom authentication](/cloud/reference/api/data_api/datasource_usecases/custom_auth) section or pass the credentials as a parameter.
</Note>

<Warning>
  As described in the matrix, Domino endpoint does not support automatic authentication. You can set the **DOMINO\_USER\_API\_KEY** environment variable for Domino endpoint or follow the instructions in the [custom authentication](/cloud/reference/api/data_api/datasource_usecases/custom_auth) section to use the *DataSourceClient* or the *TrainingSetClient* in this type of run.
</Warning>
