> ## Documentation Index
> Fetch the complete documentation index at: https://docs.finhub.cloud/llms.txt
> Use this file to discover all available pages before exploring further.

# Production Auth

> Production authentication setup

# Production Authentication

Production authentication differs from sandbox with additional security.

## Differences from Sandbox

| Feature        | Sandbox  | Production |
| -------------- | -------- | ---------- |
| mTLS           | Optional | Required   |
| IP Whitelist   | Optional | Required   |
| Token Lifetime | 10,000s  | 3,600s     |
| Rate Limits    | Relaxed  | Strict     |

## mTLS Setup

1. Generate CSR (Certificate Signing Request)
2. Submit CSR to FinHub
3. Receive signed certificate
4. Install certificate in your application

## Authentication Request

```bash theme={null}
curl -X POST "https://gateway.finhub.cloud/oauth/token" \
  --cert client.crt \
  --key client.key \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "client_credentials",
    "client_id": "YOUR_PROD_CLIENT_ID",
    "client_secret": "YOUR_PROD_CLIENT_SECRET"
  }'
```

## Token Management

* Tokens expire after 1 hour
* Implement proactive refresh (at 80% lifetime)
* Cache tokens appropriately
* Handle 401 errors with re-authentication