# Authentication

UbiFunctions' URLs are publicly exposed. This means that anyone with the URL path can invoke your code.

To add an authentication layer to your function, add a preliminary step before execution to check the token in the request.

Ubidots automatically passes the content of the **X-Auth-Token** header as a function argument:

| Request Header | Key inside Function |
| -------------- | ------------------- |
| X-Auth-Token   | TOKEN               |

See a Python example below:

```python
import requests as rq
import json

'''
Returns True or False based on the validity of the token
'''

def account_auth(token):

    response = {
        200: True,
        403: False
    }

    HOST = "https://industrial.api.ubidots.com"
    PATH = "/api/v1.6/user_check/"
    PARAMETERS = "?token={}".format(token)
    URL = "{}{}{}".format(HOST, PATH, PARAMETERS)

    r = rq.get(URL)

    code = r.status_code

    return response[code]

def main(args):

    token = args.get("token", None)

    if token is None:
        return {"ERROR": "Missing token"}

    valid = account_auth(token)

    if valid is not True:
        return {"ERROR": "Token not valid"}
```

{% hint style="info" %}
Please note that the function still executes even if the token is invalid, and it still counts toward your usage. We are working on a new method to optionally authenticate a function the same way you authenticate any Ubidots API request.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://dev.ubidots.com/ubifunctions/getting-started/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.