> ## Documentation Index
> Fetch the complete documentation index at: https://docs.modawer.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Shared authentication behavior for queue message endpoints

Queue message endpoints are configured with `AllowAnonymous()`.

## API key header

Pass the `X-API-KEY` header with a valid app token or dev token.

```http theme={null}
X-API-KEY: your-app-token
```

If no valid API key is provided, the API returns `401 Unauthorized`.

## App token behavior

When you use a valid app token, messages are sent using the recipient provided in the request.

## Dev token behavior

When you use a dev token:

* The message is not sent to the provided recipient.
* The message is routed through Telegram.
* Delivery is redirected to the app's linked Telegram chats.

<Warning>
  If a dev token is used and the app has no linked Telegram chats, the API
  returns `TelegramChatNotLinked`.
</Warning>
