# Access Token
Access tokens are strings that identify the client of an API Recipe. The token value is a secret that is shared between a client and the Workato server. A token is passed to the API in an authorization header. The header must have a valid value for the call to succeed.
Workato supports three token formats: Auth Token, OAuth 2.0 and JSON Web Token (JWT).
# Difference between Auth Token and JSON Web Token
| - | Auth Token | OAuth 2.0 | JSON Web Token (JWT) | OpenID Connect |
|---|---|---|---|---|
| Simple to setup and configure into the API request. | Yes | Yes | Yes | Yes |
| Represents a Workato Access Profile. | Yes | Yes | Yes | Yes |
| Can be reused for multiple web applications. | No | Yes | No | Yes |
| Tokens with limited validity. | No | Yes | Optional | Yes |
Find out about how you can use access tokens with Workato API.