# User Authentication

The authentication API provides third-parties with a secure means of creating Last.fm user sessions over the Last.fm API, for deeper integration with our platform. All write services require authentication.

# 1. Get an API Key

You will need to apply for a key before authenticating with the API.

# 2. Configure Your API Account

Head over to your api accounts page, and select the account you wish to configure. You need to supply an application name, a description and an optional logo. Each of your account pages contains an API key and secret; you will need both to use the API.

# 3. Choose your authentication path

• If you're building a web application, see the web application how-to for more details.
• If you're building a desktop application, see the desktop application how-to for more details.
• If you're building on a standalone device such as a mobile phone, see the mobile how-to for more details.

In some cases, you may want to choose a different authentication path from the obvious (e.g. a mobile app could well use the desktop path if there's a web browser on the device). If in doubt, check them all out.

# 4. Authentication Spec

See the full authentication API specification for an overview of the API.