# REST Authentication

The Voice API uses the standard HTTP `Authorization` header to pass authentication information to the Sinch servers. You can use [basic authentication](#basic-authentication) or [signed requests](/docs/voice/api-reference/authentication/signed-request). Additionally, you can set up [signed requests for callbacks](/docs/voice/api-reference/authentication/callback-signed-request) the Sinch servers make to your server, to validate and verify they are trusted.

Important!
Before using the Voice API to make calls, you must first purchase numbers using either the [dashboard](https://dashboard.sinch.com/numbers) or the [Numbers API](/docs/numbers). The Numbers API uses a different set of credentials than the Voice API, so ensure you follow the [documentation](/docs/numbers/api-reference/numbers) for more information.

## Basic Authentication

Basic authentication is the fastest and simplest method of authenticating API requests. All you need is the application key and secret from the [dashboard](https://dashboard.sinch.com/voice/apps).

To use basic authentication, set the application key as the username and the secret as the password, like in the following example:


```shell Basic example for authentication
//application call
usernameAndPassword = ApplicationKey + ":" + ApplicationSecret
```

The username and password must be base64 encoded before being added to the header, like in the following example:


```shell Base64 encoding example
Authorization = "Basic " + Base64 ( usernameAndPassword )
```

Note:
Basic authentication is quick and easy to use and is best used for testing or prototyping. In a production environment, we recommend using [signed requests](/docs/voice/api-reference/authentication/signed-request).