> For a complete index of all SignalWire documentation pages, fetch https://signalwire.com/docs/llms.txt

# authenticate

> Obtains the initial credentials.

```ts
authenticate(): Promise<{ expiry_at: number; token: string; }>
```

Obtains the initial credentials. Called once during client initialization.

Implementor responsibilities:

* Resolve with a valid [`SDKCredential`](/docs/browser-sdk/v4/reference/interfaces/sdk-credential) on success.
* Reject (throw) on failure — this will cause client initialization to fail.
* When `context.fingerprint` is provided, forward it to the server-side token
  endpoint with `scope: "sat:refresh"` to enable automatic token refresh.

SDK behavior:

* Awaits this method before establishing the WebSocket connection.
* On rejection, propagates the error to the caller of `SignalWire()`.

## **Returns**

`Promise<{ expiry_at: number; token: string; }>`

## **Examples**

```ts
import { EmbedTokenCredentialProvider } from '@signalwire/js';

const provider = new EmbedTokenCredentialProvider({
  token: 'YOUR_EMBED_TOKEN',
  host: 'your-space.signalwire.com',
});

// Called by the SDK during `new SignalWire(provider)` — typically not
// invoked directly by application code.
const credential = await provider.authenticate({ /* AuthenticateContext */ });
```