# Access tokens

Access tokens are strings that identify the client of an API recipe. The token value is a secret that is shared between a client and the Workato server. A token is passed to the API in an authorization header. The header must have a valid value for the call to succeed.

Workato supports four token formats: Auth Token, OAuth 2.0, JSON Web Token (JWT), and OpenID Connect.

# Access token comparison

Auth Token OAuth 2.0 JSON Web Token (JWT) OpenID Connect
Simple to set up and configure into the API request. Yes Yes Yes Yes
Represents a Workato Access Profile. Yes Yes Yes Yes
Can be reused for multiple web applications. No Yes No Yes
Tokens with limited validity. No Yes Optional Yes

Learn more about how you can use access tokens with the Workato API Platform:

Last updated: 5/25/2024, 12:46:29 AM