> ## Documentation Index
> Fetch the complete documentation index at: https://help.cryptolens.io/llms.txt
> Use this file to discover all available pages before exploring further.

# User verifications

> A simple implementation of user verifications.

<Info>
  This article is a draft and is continuously being updated.
</Info>

<iframe width="560" height="315" src="https://www.youtube.com/embed/0GBkp4h6lt4" title="Username and Password Authentication in Cryptolens" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen />

Instead of authenticating users using their license key, which was described in the [key verification](/examples/key-verification) tutorial, you can authenticate them using their username and password. This can be preferred in the following use cases:

1. When your customers have multiple licenses.
2. When your service offers a web-version and a desktop version.

In case it is the first use case when customers have many licenses and you want to issue them one single license, please check out [customer secret](https://help.cryptolens.io/web-interface/customer-secret) tutorial.

When you set up user authentication using Cryptolens, you can manage the entire process yourself from your backend, including creation of new users, restoring password, etc. Similar to [key verification](/examples/key-verification), your customers will not have to interact with Cryptolens dashboard and you have control over the entire user experience.

If you would prefer Cryptolens to manage the user experience, you can use [the following](https://help.cryptolens.io/licensing-models/user-login-intro) approach instead.

## Getting started

You can read more about all the methods that are available in the [Web API documentation](https://app.cryptolens.io/docs/api/v3/UserAuth). The goal of this tutorial is to focus on the authentication method that retrieves all licenses that belong to a user.

To authenticate the user inside your application, we can use the code below. When `Login` method is called, it will return all the licenses that belong to your customer (assuming that the User is linked to a Customer in Cryptolens).

<Note>
  The code examples below require an access token with either **UserAuthNormal** or **UserAuthAdmin** permission. When running the code inside your application, please assign the access token **UserAuthNormal** permission only.
</Note>

In **C#**, the following code could be used as an example:

<CodeGroup>
  ```c# C# theme={null}
  var result = UserAuth.Login("access token with UserAuthNormal permission", new LoginUserModel { UserName = "username", Password = "password" });

  if(!Helpers.IsSuccessful(result)) 
  { 
    // error
  }

  var license = result.LicenseKeys.FirstOrDefault(x => x.ProductId == 123);

  if(license != null)
  {
    // no license for the product found
  }

  // proceed with activation as usual (if you want to use node-locking etc).
  Key.Activate("", new ActivateModel { ProductId = 123, Key = license.Key, MachineCode = Helpers.GetMachineCodePI(v: 2) });
  ```

  ```python Python theme={null}
  # res will be a tuple, where the first item contains the list of licenses or None.
  res = User.login("access token with UserAuthNormal permission", "username","password")

  if res == None:
    print("No licenses found")

  # find the first license object that comes from product 123.
  # if you want to obtain all licenses from product with id 123 (just an example), you 
  # can use licenses = [obj for obj in res[0] if obj['productId'] == 123]
  license = next((obj for obj in res[0] if obj['productId'] == 123), None)

  if license != None:
    # extract the license key and call Key.activate as described in the key verification tutorial.
  ```
</CodeGroup>