# Server Authentication

Tonomy SDK allows apps to **authenticate users to their backend servers** without relying on **centralized identity providers**. This provides **cryptographic proof-of-identity** for **secure API requests, data access, and user actions**.

### Client-side

```typescript
const jwt = await user.createClientAuthorization({
    username: await user.getUsername(),
    foo: "bar"
});
// Securely send the jwt string to your server
```

### Server-side

```typescript
import { verifyClientAuthorization } from '@tonomy/tonomy-id-sdk'

// receive JWT string from the client
const verifiedUser = await verifyClientAuthorization(jwt);
```

You can also use the same flow above to send all requests, which adds integrity protection and non-repudiation to all requests to your server.

**Why use it?**

* **Proof-of-Identity** for **backend actions** (e.g., payments, data storage)
* **Non-repudiation**: **Know exactly which user made the request**


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tonomy.io/build-web4-apps/usage/server-authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.